LEADERS IN CYBERSECURITY

Deneen DeFiore

Vice President and Chief Information Security Officer, United Airlines

Deneen is an accomplished technology and risk management executive with experience across multiple critical infrastructure sectors. She has expertise in advising global companies and their most senior executives on technology, cybersecurity, compliance and digital risk decisions related to products, services, and ongoing operations.

Deneen serves as Vice President and Chief Information Security Officer at United Airlines. She is responsible for leading the cybersecurity and digital risk organization to ensure the company is prepared to prevent, detect, and respond to evolving cyber threats. She leads initiatives on commercial aviation cyber safety risk, improving cyber resilience, and represents United in working with international partners to reduce cyber safety risk worldwide across the aviation ecosystem.

Deneen is the Chair of the board of the Aviation Information Sharing Analysis Center and the Chairperson of the Airlines for America (A4A) Cybersecurity Committee. She is an independent director and a member of Blackbaud Software’s board of directors. In 2022, she was appointed to serve on the President’s National Infrastructure Advisory Council (NIAC), advising the White House on reducing physical and cyber risks and improving the security and resilience of the nation’s critical infrastructure sectors.

She is passionate about diversity in the tech industry and promoting STEM education. Show more

What does a typical day of work look like for you?

I focus on securing United’s airline operations, digital systems, information and assets, as well as ensuring we have compliance with global regulatory requirements. I spend a lot of my time with operations leaders at United, our key partners and suppliers, helping them understand risks and prepare for cyber threats. A typical day might look like this: taking a deep dive with my teams to learn about a new security technology we are developing, attending a threat briefing to understand what new threats and risks we must be ready for, or meeting with airline operations leaders, industry peers and regulators.

What aspects of your career journey have taken you by surprise?

I would like to say I had a plan, but as I reflect on my career path and choices, it was all about finding the next challenge. It’s OK to make different choices based on the moments you are experiencing.

Tell us about the cyber project you're most proud of working on in your career.

I’m most proud of seeing my team members’ success and growth. There are numerous people I have worked with through the years and now are CISOs themselves!

How has public perception of cybersecurity changed over the course of your career, and how do you predict in the future?

Cybersecurity is dynamic and, over the years, has evolved from a technology risk to a business risk. I love being connected to the business. Every time I board a flight, I am reminded that my work makes a real-world impact. A data breach or service outage breaks trust. The customer won’t be upset about the failed firewall or the admin that misconfigured a cloud VPC. They lose trust in United. So, protecting our business and customer relationships means managing cybersecurity and technology risks.

Tell us about your first job (can be anything!) and one lesson you might have learned from it.

My very first job was in high school, working for my mother at the ice cream shop she ran. I quickly realized, that wasn’t ideal for either of us! The first job I had in technology was as an application analyst – it was my job to be the subject matter expert on a few modules of an enterprise system and ensure our business process fit with the technology. I was intimidated because I did not have a computer science or IT degree or education. I learned I needed to believe in myself and be a confident expert. It didn’t matter what my background was, what mattered is that I was delivering outcomes and my work products were a success.

What’s one piece of advice you’d give your younger self about getting started in cyber?

There are so many opportunities in cybersecurity. According to recent research, women only represent 20 to 25 percent of the cybersecurity workforce. So, ladies, don’t pass up an opportunity because you don’t check off every requirement for the role. Go for it! If you are passionate, confident and willing to learn, you will succeed.

Tell us about a role model or mentor who has helped shape your career.

I had a sponsor that pushed me personally and helped me with a pivotal career decision. In addition to being a new discipline for me to learn, the job offer had the location of “to be determined,” as our company was still deciding where the function would be based! To say I thought I was “over my skis” was an understatement. I had great sponsorship at the time and someone willing to take a chance on me. I had always worked hard and did very well, but through this process, I realized I needed to step up and truly be the confident expert and leader that others saw in me. I developed a lot of strength and resilience and, of course, new knowledge and skills that I still draw from to this day. That decision and role launched a new path for me.

A meeting gets canceled and you have a surprise 30 minute window of free time — how do you spend it?

I take the time to just think!

What are the ways you stay grounded and take care of yourself?

I make sure to schedule downtime and commit to it. Whether it’s blocking out my calendar for a few hours or taking a vacation with my family. I commit to being present in that moment.

When you think about your personal legacy as a leader, what do you hope people will remember?

That I left positive and beautiful things behind.