Kansas City, Missouri, United States
Jeff Wagner has over 25 years of cybersecurity experience as a practitioner, manager, executive and public speaker. He served as the Chief Information Security Officer (CISO) for the USDA Farm Service Agency (FSA), USDA Natural Resources Conservation Service (NRCS), and the USDA Farm Production and Conservation (FPAC) Mission Area. As a federal IT executive, Jeff has secured $750 million in annual purchases of IT products and services and managed annual budgets of over $31 million. Jeff has been a speaker, panelist and moderator heard by Fortune 500 companies and the Federal Computer Security Managers Forum sponsored by the National Institute of Standards and Technology (NIST). In 2019, Jeff left federal service and founded Aspis, LLC, an IT professional services company specializing in cybersecurity to solve the complex cybersecurity problems of organizations of all sizes. Jeff has grown the company to over $1 million in annual revenue that employs 18 people and operates in three locations. Jeff led Aspis to achieve NGLCC LGBT Business Enterprise certification in 2019, Better Business Bureau accreditation in 2021, Virginia Values Veterans certification in 2021, and SBA HUBZone certification in 2022. Jeff has been honored by Forbes Magazine as a Forbes Next 1000 honoree and the Kansas City Business Journal as a NextGen Leader nominee. Jeff has a passion for volunteerism and non-profit work. He regularly volunteers his time to mentor and coach aspiring early-career cybersecurity professionals. He ensures that Aspis donates professional services to 501(c)(3) and 501(c)(6) non-profits in his hometown of Kansas City, Missouri. For five years he volunteered at the St. James Lutheran, Kansas City, Missouri food pantry. For two years he volunteered as a general member of the Greater Kansas City Federal Executive Board. For six years he served as a board member, including one year as vice president, for the Metropolitan Lutheran Ministry of Kansas City. He donates his time to the Mid-America LGBT Chamber of Commerce as the chair of the Certified LGBTQBE Supplier Diversity Committee cultivating diverse and inclusive small business programming and informally as a small business advisor. Finally, he is a Advisory Board Member for the Pride Charitable Fund of the Greater Kansas City Community Foundation.
SMB to Enterprise, Non-profit and Government United States June 2019-present IT Subject Matter Expert (USAF CTR) Arlington, Virginia Nov 2021 – Present Cybersecurity Subject Matter Expert (USDA CTR) Washington, DC November 2021 - Present Special Assistant to the Chief Information Security Officer (USDA CTR) Washington, District of Columbia Sep 2019 – Nov 2021 - Executive cybersecurity support, strategy, communications, leadership, and general management
Aspis delivers cybersecurity and administrative services to both government and commercial clients in the Kansas City, Missouri, and Washington, DC, regions. Our capabilities include plan development (security, incident response, disaster recovery), vulnerability assessments, dark web monitoring, and security awareness training. Our past performance includes Executive Cybersecurity Consulting (C-level cyber support for CIOs and CISOs); and Executive and Administrative Assistants. https://aspis.consulting
As the Chief Information Security Officer and the Information Assurance Branch Chief in the Farm Production and Conservation (FPAC) Business Center I champion a business-orientated risk management approach to cybersecurity primarily focused on people and data enabled by process and technology. I assure the cybersecurity of $750 million annual purchase of IT products and services. I lead a geographically dispersed, highly technical and diverse team of employees and contractors located in Fort Collins, CO; Kansas City, MO; St. Louis, MO; and Washington, DC; leveraging a nationwide network of field representatives; and partnering with service providers located in the National Capital Region; New Orleans, LA; Kansas City, MO; and Fort Collins, CO, to accomplish the mission of the cybersecurity program. I provide direction, leadership, management, and coordination to maintain the confidentiality, integrity and availability of information systems; identify, define, plan and implement new initiatives to ensure the continuing maturity of the program and reduction of risk; plan and develop policies, standards, and guidelines for information security; advise all levels of the agency (non-supervisory, supervisory and executive; IT and non-IT) on information security principles, policies, standards and procedures; establish goals and objectives to ensure compliance, integrity and accountability; and measure and communicate risk to business mission. The FPAC Business Center ensures that systems, policies, procedures, and practices are developed that provide a consistent enterprise-wide view that encompasses the Farm Service Agency (FSA), Natural Resources Conservation Service (NRCS), and Risk Management Agency (RMA) to effectively and efficiently deliver programs to FPAC customers. The FPAC mission area has approximately a $2.4B operating budget with over 23,000 employees in over 2300 service centers across 10 timezones delivering over $51B in programs to 11M customers.
True Security Partnerships- Speaking the Language of Business and Technology Cyber security needs to be aligned with the business with accountability across the organization. Audit, risk, compliance, data, and privacy are all components of proactive security leadership. Leadership needs to be in the forefront - translating and communicating risk in a way that resonates with the business stakeholders. Cyber security is just one responsibility of the CISO, with high profile data breaches in the evolving regulatory era, communication with the board and the rest of the C-suite is paramount. CISOs must shape the message and methods to address unique organizational dynamics and instil security awareness as a part of corporate culture. Security needs to be seen as adding value not just meeting compliance requirements. Engaging, managing, and exceeding expectations Top-down focus on risk management Evolving roles of the CISO, CIRO, and CIOs
As the Chief Information Security Officer and the Director of the Information Security Office I led a geographically dispersed, highly technical and diverse team of employees and contractors located in Kansas City, MO; St. Louis, MO; and Washington, DC; leveraging a nationwide network of field representatives (approx. 2 per State); and partnering with service providers located in the National Capital Region; New Orleans, LA; Kansas City, MO; and Fort Collins, CO, to accomplish the mission of the information systems security program. I provide direction, leadership, management, and coordination to maintain the confidentiality, integrity and availability of information systems; identify, define, plan and implement new initiatives to ensure the continuing maturity of the program and reduction of risk; plan and develop policies, standards, and guidelines for information security; advise all levels of the agency (non-supervisory, supervisory and executive; IT and non-IT) on information security principles, policies, standards and procedures; establish goals and objectives to ensure compliance, integrity and accountability; and measure and communicate risk to business mission framed by the performance, efficiency and effectiveness of the information security program. The Farm Service Agency (www.fsa.usda.gov) delivers over $6B in direct and guaranteed farm loans, nearly $9B in farm program payments, and helps to ensure the security of commodities distributed worldwide all through a network of over 2,100 field offices supported by headquarters and regional offices throughout the United States.
The Information Security Operation Group is responsible for access management, computer incident response, digital forensics, contingency planning, security architecture, standards and requirements, IT systems security accreditations, and security service desk.
Certification and Accreditation of IT systems; Access Management; Digital Forensics; Computer Incident Response; Contingency Planning; Policy development.