Dawn-Marie Hutchinson is the Chief Information Security Officer at BAT, a leading global tobacco company. She is responsible for the security of the company’s e-commerce, retail, smart manufacturing and connected devices.
She has over 18 years of enterprise information technology experience and is an expert in data privacy and security solutions including information risk management and IT governance in the healthcare, insurance, retail and higher education sectors.
Prior to BAT, Dawn-Marie served as Senior Director of Tech Transformation and Chief Information Security Officer of Pharma, R&D, and Supply Chain at GSK. Previously, she served as Optiv’s Virtual CISO and interim CISO of several "Fortune 500" clients. She was also the Chief Information Security Officer at Comm Solutions (now part of Optiv), Head of Information Security at Urban Outfitters, and served in security leadership positions at IMS Health and Independence Blue Cross.
Dawn-Marie was featured in CSO Magazine’s Top 10 Influential Women in Cybersecurity (2017), was the recipient of the CRN Women’s Power 50 award (2015) and selected the 2014 Evanta Breakaway Leader Nominee and Women of Influence Award Nominee. She holds a Master of Business Administration from the Saint Joseph’s University Haub School of Business and is a certified CISM, CRISC, and CISA.
For many industrial control systems (ICS), trust has historically been assumed. Given the long-term use of these assets, any ICS designed was presumed the that asset owner and manufacturers knew what should and should not be trusted as critical to their systems. As we enter an era of zero trust, we move from presumed trust to assumed breached where nothing is trusted without verification and minimal access is granted. Zero trust introduces challenges that impact the use of legacy equipment, remote access for OEMs and integrators, warranties for automation controls equipment and potential disruption to processes. During this panel, Fortinet and a panel of security leaders will explore the zero trust mindset necessary across OT and IT to secure modern and legacy solutions while supporting remote access and protecting resources (assets, processes, services, etc.) within an network boundary.