Kyle Lai

President and CISO – KLC Consulting Inc.

Kyle Lai President and CISO of KLC Consulting Inc Photo

Kyle Lai is CISO of KLC Consulting and a recent security advisor to the largest Fortune 500 global oil and energy company in the areas of cybersecurity, application security, and privacy. Prior to founding KLC, he was CISO of the global IT firm, Pactera, and of Brandeis University – Heller School. He has over 20 years of Information Security and Audit experience, ranging from cybersecurity strategy and policy development/review, vulnerability management, penetration testing, incident response, business continuity planning, regulatory compliance, and third-party supplier security risk management.

Kyle Lai consulted at Fidelity Investments, the US Federal Government, Department of Defense, Price Waterhouse Coopers and several Fortune 500 companies including Boeing, HP, Fannie Mae, Microsoft, and Akamai. Kyle created SMAC MAC Address Changer software which helps companies test and address security and privacy issues.  Customers include Department of Defense, Department of Homeland Security, Department of Justice, Federal Aviation Administration, Boeing, Intel, Cisco, Panasonic, Siemens, and over 2.5 million users worldwide.  Kyle manages 3 LinkedIn groups: Cybersecurity Community, Third Party Security Risk Management, and Cloud Computing Security Community.

Member:  InfraGard (FBI Sponsored), ISSA, AFCEA, OWASP, IAPP, Texas CISO Council
Certifications: CISSP, CSSLP, CISA, CIPP/US, CIPP/G, Palo Alto ACE, Varonis CE
Past Certification: MCSE, DISA System Administrator II

Areas of Expertise:

  • NIST 800-171 / CMMC (Cybersecurity Maturity Model Certification)
  • IT Security Advisory
  • Information Security Policy Development
  • Third-party Vendor Security Risk Assessment
  • Certification & Accreditation (C&A)
  • Penetration Testing / Vulnerability Assessment
  • Incident Response
  • Business Continuity Planning (BCP)
  • Cloud Security
  • US, EU Privacy Regulations
  • M&A Due Diligence Assessment
  • Application Security (OWASP)

For the latest trends in NIST 800-171 and CMMC please click here to visit our vBlog page