Chad D. Freese
CYBERSECURITY LEADER
CLOUD SECURITY RESEARCHER
RESPONSIBLE AI INTEGRATOR
CYBER/TECH MENTOR
TL;DR: I translate the complexities of information security, data privacy, cloud security, artificial intelligence, and automation into strategic business insights.
Hi there! I’m Chad Freese and I am an Information Security Risk Professional with over 20 years of comprehensive experience in developing and implementing robust cybersecurity strategies. I serve as a Lead Information Security Advisor at USAA, where I manage cloud security risk reviews and lead the development and integration of innovative risk assessment, security, and automation tools. I have a proven track record of successfully identifying, assessing, and handling security risks to safeguard organizational assets across businesses of all sizes, from startups to Fortune 100 companies, including law firms and medical providers. My adeptness at leading cross-functional teams, implementing best practices, and ensuring compliance with industry standards has allowed me to lead assessments for major cloud service providers, including AWS, Google Cloud, Microsoft Azure, and Rackspace.
Throughout my professional journey, I've excelled in distilling the intricacies of information security, data privacy, cloud security, AI, and automation into actionable strategic insights for businesses. My strength lies in simplifying complex security concepts for non-technical audiences and fostering a culture of security awareness throughout various organizations. With a wealth of experience, I've been instrumental in bolstering the information security frameworks of forward-thinking companies, demonstrating my capacity to evolve and innovate within the rapidly changing cybersecurity landscape.
My background also includes significant achievements in leadership roles on the Third-Party Cyber Risk Assessments & Intelligence teams at USAA and as a Principal Cybersecurity Architect at Honeywell Aerospace, where I developed critical security architectures for the aviation industry and NASA.
As a retired Marine Corps Chief Warrant Officer 3, my distinguished military service in Signals Intelligence, Electronic Warfare, and Cyberspace Operations is marked by significant contributions to ISR Systems Engineering, Computer Network Exploitation, and Cyberwarfare. My military career included multiple combat tours in the Middle East and vital technical roles supporting the NSA and MARFORCYBER.
PROFESSIONAL EXPERIENCE
U.S. Marine Corps, 1st Radio Battalion
Camp Pendleton, CA
June 2013 - June 2016
Cyberwarfare Officer
• Co-Authored a comprehensive Battalion Cybersecurity Policy covering: Acceptable Use Agreements, Clean Desk Policy, Change Management, Email Policy, Ethics Policy, Password Construction and Protection Policy, Authorized Software and End User License Agreements.
• Led a collaborative project with the Office of Naval Research (ONR), Massachusetts Institute of Technology Lincoln Laboratory (MIT-LL), and Johns Hopkins’ Applied Physics Laboratory (APL) on the development of a multi-million-dollar Tactical Cyber Range (TCR) to train and certify Marines on full spectrum cyberspace operations, from the national to the tactical edge.
• Developed a state of the art Joint Cyberspace Operations Lab for the employment and testing of Offensive and Defensive Cyberspace Operations (OCO/DCO) tactics, techniques, and procedures (TTPs). This lab was engineered with no cost to the command, while valued over $400,000.00.
• Designed mission critical hardware and software platforms designed to conduct Computer Network Exploitation (CNE) in a forward-deployed setting while maintaining secure software updates, policy compliance, and accountability of $1.2 million of assets.
• Designed, and configured a state of the art wireless network training lab, enabling the development of multiple training scenarios allowing for flexibility and realism utilizing a combination of virtual and physical environments comprised of over 30 cyber personas, 50 client devices, 45 mobile devices, 20 servers, and 15 Wireless Access Points (WAPs), using a wide variety of desktop and mobile operating systems, with a total system valuation over $1.8 million.
• Led 25 Wireless Network Engineers through a training and certification program of Signals Intelligence support to Cyberspace Operations and Computer Network Exploitation on behalf of the National Security Agency (NSA) and U.S. Marine Corps Forces Cyberspace Command (MARFORCYBER).
National Security Agency (NSA) / U.S. Marine Corps
Camp Pendleton, CA
June 2013 - June 2016
Cyberwarfare / Computer Network Exploitation (CNE) Officer
• Served as a Direct Liaison for National Tactical Integration (NTI) of Signals Intelligence support to Cyberspace Operations and Computer Network Exploitation on behalf of the National Security Agency / Central Security Service (NSA/CSS) and U.S. Marine Corps Forces Cyberspace Command (MARFORCYBER).
U.S. Marine Corps, Center for Information Dominance, Corry Station
Pensacola, FL
Dec 2011 - June 2013
I.T. Instructor, Course Chief, & Curriculum Developer
• Directly led, supervised, and mentored 12 instructors, 2 curriculum developers, and over 150 Intelligence, Surveillance, Reconnaissance (ISR) Systems Engineer students through instruction, mentorship, physical fitness, and professional development.
• Managed a budget of $2.1 million and maintained positive control of $4.6 million of radio, satellite, and computer network operations equipment.
• Developed and conducted over 700 hours of and training, with special emphasis on Computer Networking and Security, leading over 150 students to professional Microsoft, CompTIA, and Cisco certifications.
• Designed and engineered a virtual training lab that provided technical skills enhancement in the areas of computer networking design, routing, switching, and troubleshooting, as well as server design and configuration for email, secure file storage and exchange, domain name system, web servers, domain controllers, remote access and authentication platforms.
U.S. Marine Corps, 2nd Special Security Communications Team (SSCT), 1st MarDiv
Camp Pendleton, CA
Dec 2009 - Dec 2011
Communications Chief
• Led 1st Marine Division's portion of a Marine Corps wide bandwidth study to provide an overall visualization of the Marine Corps Intelligence, Surveillance and Reconnaissance Enterprise (MCISR-E) by consistently working with the Marine Corps Intelligence Activity (MCIA) and the Long-range Information Networked Communications Services (LINCS) greatly impacting the security and mission accomplishment within the 1st Marine Division Intelligence Community.
• Coordinated mission critical hardware and software upgrades to the Special Intelligence Communications (SPINTCOM) Trojan Switched Extension (TSE) satellite communications suite which is the backbone of 1st Marine Division's SCI communications infrastructure, increasing network bandwidth efficiency and Quality of Service by 145%.
• Conducted 71 SCI indoctrinations, over 110 security screening interviews, 16 official SCI debriefs, over 150 administrative SCI debriefs, 17 foreign travel briefs, and submitted 37 SCI investigations greatly impacting the security and mission accomplishment within the 1st Marine Division Intelligence Community.
U.S. Marine Corps, 1st Radio Battalion
Camp Pendleton, CA | Iraq & Afghanistan
Dec 2004 - Dec 2009
Intelligence, Surveillance, Reconnaissance (ISR) Systems Engineer
• Served in many technical billets throughout the U.S., Iraq, and Afghanistan in support of the Marine Corps, NSA, and multinational Intelligence Community.
• Installed, administered, maintained, and repaired secure computer, radio, SATCOM, and telephone networks and equipment.
• Managed a team of 35 ISR Systems Engineers in the daily operational status of a Top Secret Joint Worldwide Intelligence Communications System (JWICS) network, Secret Internet Protocol Router (SIPR) and Non-Secure Internet Protocol Router (NIPR) networks for over 2,500 network users, 65 physical servers, 90 virtual servers, maintaining a 99.6% uptime spread across the entire country of Iraq.
EDUCATION
Western Governors University
Master of Business Administration (MBA)
Information Technology Management
2023 - Present
This program is designed for professionals looking to advance their careers in technology leadership. It emphasizes the development of both business management and IT skills, tailored for those who have experience in the tech field and wish to expand their managerial and strategic competencies.
University of Phoenix
Professional Certificate
Information Assurance & Security
2023
The Information Assurance and Security Certificate provided interactive, hands-on refresher in information systems security, network security, risk management and mitigation, asset protection, technical support, cloud security, robust cybersecurity program management, and applied cryptography.
University of Phoenix
Professional Certificate
Cloud Computing
2022 - 2023
Storing data in the cloud makes it easy to access information. But businesses still depend on qualified professionals to do the hard part: setting everything up. With our Certificate in Cloud Computing, you’ll gain the foundational knowledge and skills to help organizations build and manage cloud services. Coursework in this program is aligned to industry certifications exams like those for Amazon Web Services (AWS) Cloud Practitioner, Cloud Developer and SysOps Administrator.
Liberty University
Master of Science (M.S.)
Cybersecurity
2019 - 2020
Throughout this Master's program, I had the opportunity to enhance my knowledge of advanced defense of computer and network security, providing me with the analytical framework necessary for the prevention, detection, countering, and recovery from security vulnerabilities and cyber incidents.
My studies included coursework in Advanced Computer Security, Digital Forensics, Ethics, Legals Issues & Policy, Applied Network Security, Applied Cryptography, Secure Software Engineering, Security Engineering, Issues in Security, Privacy, & Anonymity, Web Security, and Ethical Hacking.
Johns Hopkins University
Master of Science (M.S.)
Cybersecurity
2018 - 2019
No degree completed. Transferred to Liberty University.
Consistently rated as one of the best online master’s degrees in cybersecurity, the Johns Hopkins Engineering for Professionals cybersecurity program combines knowledge from instructors who are working to fight cybersecurity threats on the front lines with relevant courses designed to put you ahead. Deepen your ability to assess enterprise security risks, as well as gain skills in encryption, hash functions, signature schemes, authentication, and research.
Park University
Bachelor of Science (B.S.)
Information & Computer Science: Networking & Security
2009 - 2017
The Information and Computer Science (ICS) degree program prepares students to apply problem-solving and critical-thinking skills and use popular computer technologies in creating technology solutions.
Networking and Security – prepares students for a career in network infrastructure support, based on Cisco’s CCNA curriculum.
LICENSES & CERTIFICATIONS
Click to Verify
PATENTS & PUBLICATIONS
Mobile Device Authenticator (MDA)
ABSTRACT
Critical Transportation Systems (CTS) are becoming edge--enabled to connect mobile devices for safe and secure connected vehicle services. However, these edge-enabled CTS networks have weak cybersecurity implementations. To mitigate cybersecurity threats in the edge enabled CTS network, the paper proposes a novel idea for secure mobile device authentication in the edge enabled CTS network. The proposed idea is a mobile device authenticator module, which allows any mobile device to connect securely to legacy devices through wireless connectivity. This allows a simple implementation to enable a secure Public Key Infrastructure (PKI) solution to authorize mobile devices to connect to legacy devices.
CO-INVENTORS
DOCUMENT INFORMATION:
IP.com Disclosure Number: IPCOM000260138D
Publication Date: 2019-Oct-25
COPYRIGHT: Honeywell Aerospace
PSYOP, Deception, and Cyberspace in the Open: Analysing Fake
News in a Cyber new Normal Communications Environment
ABSTRACT
Over the past 24 months; fake news and integrity cyberspace attacks have become a serious threat to government entities, companies, and individuals. The intended, and unintended, consequences that result from these types of attacks have escalated in complexity, costs, and appear to be a new collection of attack methodologies unique to today’s cyber enabled communications environment. Compromising information systems and exposing the results of targeted information attacks however, have always been a component of warfare tactics called psychological operations (PSYOP) and deception operations. In this paper, we explore the recent rise of the use of traditional psychological and deception attacks against multiple organizations like the Country of Sweden, the United States Democratic National Committee, and hacks against European financial institutions like Deutchse Bank using open-source unclassified cyberspace tools and methods. We apply a Grounded Theory approach to the problem set in order understand how fake news works as a process and determine why some stories go viral and others don’t. We present a resulting model that is both militarily influenced and biologically inspired. We argue that biological nature of the emerged model confirm many exert hypothesis that getting rid of fake news is impossible, but that companies, governments, and individuals can take steps to ‘immunize’ themselves. Throughout the paper, we highlight the effectiveness of these attacks in terms of explicit costs and tacit organizational power. The research shared in this paper also reveals a potential trend towards these types of attacks for the foreseeable future. We conclude this paper by positing a definition of the Cyber New Normal Communications Environment where government entities and businesses conduct information competitions using these tactics to gain business and political advantage.
Keywords: fake news, cyber new normal communications environment, information warfare, biologically inspired
information attacks, integrity attacks, and grounded theory
CO-AUTHORS
Terry Traylor • William Wong
DOCUMENT INFORMATION:
16th European Conference on Cyber Warfare and Security (ECCWS 2017)
Publication Date: 2017-June-29
INDUSTRY INVOLVEMENT
Shared Assessments
Committee Member - AI & Emerging Technology
Third-Party Risk Assessments
2019 - Present
This group meets via an open forum allowing for active engagement and discussion of relevant topics. Participants examine integration, challenges, opportunities, and solutions posed by emerging technologies including Machine Learning, Artificial Intelligence, Cloud, 6G, Distributed Ledgers (Blockchain), and Cryptocurrencies.
Advancements in technology fuel productivity that supports digital transformation and business objectives. New technologies across all sectors are rapidly changing the risk landscape for organizations and third parties/supply chain ecosystems.
This group invites member organizations specializing in emerging technologies such as Cryptocurrencies and Artificial Intelligence to present to the committee. Participants are encouraged to submit emerging technology topics relevant to TPRM for discussion.
Shared Assessments
Committee Member - Products Development
Third-Party Risk Assessments
2021 - Present
The Products Development Committee is responsible for the management and development of existing and new content as well as the functionality of solutions in the Shared Assessments’ Product Suite: SIG, SCA, and VRMMM solutions. (Products Committees have been consolidated into one group from previous years.)
This committee strives to ensure all content within the products adheres to current local, state, federal, national, and international rules, laws, regulations, technological standards, and frameworks. Further, the committee ensures the products are updated to meet new and changing risk areas as the lifecycle of third-party risk management evolves.
U.S. Marine Corps Forces Cyberspace Command
Marine Corps Cyber Auxiliarist
Technology Education
2020 - Present
In April 2019, the Marine Corps announced the newly-established Marine Corps Cyber Auxiliary (Cyber Aux), a volunteer organization aimed at increasing Marine Corps cyberspace readiness. The Cyber Aux is comprised of a small cadre of highly-talented cyber experts who train, educate, advise, and mentor Marines to keep pace with constantly-evolving cyber challenges.
The Cyber Aux will assist in simulated environments and during periods of instruction, but are not authorized to execute hands-on cyber activities.
Cyber Aux applicants must meet the following criteria:
US Citizen
Minimum 3 years of work experience in the cyber industry or academia
Industry leader/highly regarded in their field
Enthusiastic in volunteering their time to share their expertise
Honorably discharged, if prior service
Qualified volunteers are screened and assessed before assignment to a specified unit or project. Cyber Auxiliarists do not wear a uniform nor need to meet the stringent Marine Corps physical fitness standards.
The Cyber Aux is part of the larger Marine Corps effort to better posture forces to conduct Operations in the Information Environment and is managed by the Deputy Commandant for Information, LtGen Lori E. Reynolds.
Highly qualified talent should complete the sign-up for more information or to begin volunteering with the Marines.
Arizona InfraGard
Contributing Member
Science & Technology
2018 - Present
InfraGard is a partnership between the FBI and members of the private sector. The InfraGard program provides a vehicle for seamless public-private collaboration with government that expedites the timely exchange of information and promotes mutual learning opportunities relevant to the protection of Critical Infrastructure. With thousands of vetted members nationally, InfraGard's membership includes business executives, entrepreneurs, military and government officials, computer professionals, academia and state and local law enforcement; each dedicated to contributing industry specific insight and advancing national security.
There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof. Presidential Policy Directive 21 (PPD-21): Critical Infrastructure Security and Resilience advances a national policy to strengthen and maintain secure, functioning, and resilient critical infrastructure.
I specialize in the following sectors:
Communications Sector
Defense Industrial Base Sector
Information Technology Sector
Transportation Systems Sector
The National Society of Leadership and Success
Mentor
Education
2017 - Present
The NSLS is the nation's largest leadership honor society. Students are selected by their college for membership based on either academic standing or leadership potential. Candidacy is a nationally recognized achievement of honorable distinction. With 737 chapters, the NSLS currently has 1,110,562 members nationwide.
In addition to honorable distinction, the NSLS provides a step-by-step program for members to build their leadership skills through participation at their campus or online. Upon completion of the program, members receive their leadership certificate and take their place among the top student leaders at their campus and across the country. Members are able to list their affiliation on all statements of personal accomplishment, including their resume.
Membership is for life and provides access to benefits including scholarships and awards, exclusive on-campus events, employer recruitment through an online job bank, and discounts on computers, textbooks, grad school prep courses, insurance and much more.