Michael Molinaro

CISO, VP, Information Technology
Bio Reference Laboratories Inc.

Mr. Molinaro has specialized in transforming and building secure, quantitatively repeatable and compliant Information Technology and Enterprise Risk and Security Departments. Flexible information services can be delivered quickly and secure by developing and integrating proven mature methodologies in security, risk, project, software-development, quality and service management with Business Process Management (BPM) Software in business and technology. Mr. Molinaro has been assisting organizations in business and technology engineering and process improvement over a 33 year career. His experience spans multiple industry verticals that include military, manufacturing/engineering, software/ecommerce, retail, telecommunications/cloud, healthcare, education, insurance and medical diagnostics/Biotech. Mr. Molinaro has held technical and management positions at leading companies and organizations such as the United States Army, Cellular One, MCI Telecommunications Inc., Movado, Ground Travel Technology Team Inc., AEGIS Insurance Services Inc., Bright House Networks and Bio Reference Laboratories.

Mr. Molinaro holds a Bachelors of Science in Electronics Engineering Technology and a Master’s of Science in Information Technology and Cybersecurity from the Florida Institute of Technology, and is currently pursuing an MBA. Mr. Molinaro is also a veteran of the United States Army Signal Corp and was nominated runner-up for the CISO of the year by the EC-Council security group and CIO of the year by the Tampa Bay Technology Forum in 2014. He formerly held several “technical” certifications and currently maintains multiple IT, security and risk certifications; CISSP (Certified Information Systems Security Professional), CGEIT (Certified in the Governance of Enterprise IT), C|CISO (Certified Chief Information Security Officer), CRISC (Certified in Risk and Information Systems Controls), CISM (Certified Information Security Manager), ITIL (Version 3 Foundations Certification).

Mr. Molinaro was the leader and architect of the overall Cyber defense of the 2012 Republican National Convention in Tampa, Florida (a National Public Event) as well as the head of the IT Dept. Mr. Molinaro’s team was the cyber eyes and ears of this National Public Event. His breadth of experience and use of standardized methodology in information systems, risk, security, project management, business process engineering, policy making, power & radio engineering and software development has provided solutions and strategies in design, operations, maintenance and repair that greatly contributed to increasing and improving the corporate bottom line, quality, customer service, security and compliance effectiveness of many businesses. His methods and practices are based on sound and proven scientific and discrete engineering techniques used by the most successful organizations worldwide and he has met and exceeded corporate and customer satisfaction challenges. These practices are those developed, successfully deployed and greatly promoted by Carnegie-Mellon and other prestigious and well known engineering, scientific Universities and businesses worldwide.

Michael enjoys working in a fast paced entrepreneurial environment and thrives on contributing to the creative process. He can assist you to concentrate your energies on your business and customer’s by developing, planning and implementing business, technology, risk,  security and compliance strategies tailored to fit your leadership and business styles. Mr. Molinaro’s specific areas of specialization are:

•    HIPAA, PCI, SOX and NERC compliance, methodology, security risk assessments, planning and implementation
•    Developing Security, Risk, Governance and Information Systems management programs and departments
•    Development in building of IT Departments on Business Process Management software systems
•    Create business value by adapting to new frameworks, models, methodology and technology
•    Building validatable IT departments and integrated transition services such as change and release management
•    Introduce, execute and operate as a change agent that drives enterprise performance, competitive advantage and Value of Investment
•    Creating and implementing VOI  (Value of Investment) not just ROI
•    Business and technology life cycle management and business process synergy
•    Avoiding the business technology “Delivery GAP” pitfalls
•    Technology and business project management and team collaboration
•    Network design and network management with a focus on best practice security integration (Baking in Security not just Bolting it On)
•    Full and partial systems maintenance and systems life cycle planning
•    Design of voice and data technology strategies based on business requirements
•    Voice and IP telephony and  convergence, integration planning and strategy alignment

Mr. Molinaro is a member of the following professional organizations:
1.)    Project Management Institute, PMI
2.)    International Information Systems Security Certification Consortium, (ISC)2
3.)    Information Systems Audit and Control Association, ISACA
4.)    International Electrical and Electronic Engineers  Computer Society, IEEE
5.)    Armed Forces Communications Electronics Association – International, AFCEA
6.)    Signal Corp Regimental Association, SCRA
7.)    InfraGard
8.)    Information Systems Security Association, ISSA
9.)    International Association and Society of Industrial Security Professionals, ASIS
10.)    EC-Counsel for Cybersecurity
11.)    Association of Certified Fraud Examiners, ACFE
12.)    Society of Cable Telecommunications Engineers, SCTE
13.)    US Secret Service electronic Computer Crimes Task Force (eCTF)
14.)    Former Member of the US National Communications and Telecommunications Association Cybersecurity Board, NCTA and to CSRIC – III and CSRIC - IV
15.)    Former Board member of the Museum of Science and Industry, MOSI, in Tampa, Florida
16.)    Former member of the Industry BOTNET Group or IBG

Previous & Recent Speaking Engagements and Awards:

Major Presentations:

1 - “How to Build, Run and Secure an IT Department with Business Process Management Tools - Minimize the IT Delivery Gap”
2 - “Cybersecurity Defense for Public National Events:  Protecting the 2012 Republican National Convention”
3 - “Effective IT and Security Leadership for HIPAA (or any) Compliance”


4    - Nominated “CISO of the Year – 2014” by EC|Council – Finalist and Runner-Up Awardee October 17, 2014
5 - Nominated CIO of the year 2014 – Tampa Bay Technology Forum – Rescinded Due to relocation to New Jersey

Speaking Engagements & Panels:
•    Business Process Software and Dev/Ops Summit - Management and Cultural factors for Supporting, Presenting and Securing Budgetary and Operational Requirements at the CXX and Board Level, New York City, N.Y., (November 17, 2015)
•    Defense of  National Public Event – Blueprint for building a Risk, Governance and Security program for any size organization, ISC2 Chapter Meeting, Hamilton, N.J., (October 29, 2015)
•    The Data Breach and Working with Law Enforcement Panel – Blueprint for How the Business and IT Executives Must Manage and Cooperate with Law Enforcement, Information Security Media Group, New York City Data Breach Symposium, October 21, 2015
•    Preparing for a Data Breach – Blueprint for building a Risk, Governance and Security program for any size organization, Information Security Media Group, New York City Data Breach Symposium, October 21, 2015
•    Microsoft and Quality Technology Solutions Envision IT, Risk & Security CXX panel – Cloud Services, Security and IT Delivery GAP challenges, Microsoft Building, NYC, (September 17, 2015)
•    IT Security Leaders Panelist, SecureCIO New York Event - CIOsynergy unites IT leaders representing some of the largest brands and a rare opportunity to exchange ideas within a group of leaders that chase the common goal of advancement through innovation. (August 13, 2015)
•    Distinguished Speaker: Life Science Data Privacy Symposium - Designing and Building a HIPAA and HITECH based IT, Risk and Security program that Exceeds HIPAA standards – Tools, People, Product and Planning demystified – Q1 Productions, Philadelphia, Pa (July 27, 2015)
•    Keynote Speaker: ASIS International and ISC2 Cyber and Physical Security & Risk Management Symposium Cybersecurity in today’s complex World and the Defense of a National Public Event, Rutgers University (May 8, 2015 Piscataway, NJ)
•    The State of Today’s Cyber Defenses in the Corporate Landscape - Tampa Bay Book of Journals Cyber Security Event and Panel Discussion (Oct. 7, 2014, Tampa, FL)
•    Information Security Leaders Panel on Cybersecurity - Tampa Bay Technology Forum (Sept. 25, 2014, Tampa, FL)
•    “How to Identify and Act On Cyber Threats, Vulnerabilities and Exploits” - Florida Department of Law Enforcement (FDLE), Critical infrastructure and Corporate Partnership (June, 2014)
•    “CISO/CIO Leadership and Industry Discussion Panel on Cybersecurity, The Cyber Security Framework and Sec/Ops” ISSA Open Forum Conference (May, 2014, Tampa, FL)
•    “Building Secure and Compliant information Systems and Networks Now – CIO Transformations” - NCTA Cybersecurity Working Group Forum (December, 2013, Atlanta, GA)
•    “How to Build an IT Department and Software Development Practice That Is Secure, Compliant and Automated” - Serena Software World Exchange – Business Process Management Software Conference (Sept. 2013, Miami, FL)
•    “Cybersecurity Defense of National Public Events - Coordinating with Federal/State Law Enforcement & Military Agencies” - Armed Forces Communications and Electronics Assoc., Cybersecurity Discussion on the RNC (August,2013, Tampa, FL)
•    “In-Depth Review of the Cybersecurity Defense of a National Public Event – the Republican National Convention” - ISSA and InfraGard Conference (June, 2013, St. Petersburg, FL)