SideChannel started from the belief that small and mid-sized organizations deserved the expertise of an industry experienced CISO just as much as any larger enterprise, but at a cost they could manage.  Those transformational experts joined to create a tech-enabled advisory firm that goes beyond mere security consulting and playbooks.

 

Together, the SideChannel team offers an unparalleled level of insight and leadership in cybersecurity focused on simple engagements that net attainable results.

Brian Haugli

Managing Partner

  • Grey LinkedIn Icon

Brian has been driving security programs for two decades and brings a true practitioner's approach to the industry.  He creates a more realistic way to address information security and data protection issues for organizations.  He has led programs for the DoD, Pentagon, Intelligence Community, Fortune 500, and many others.  Brian is a renowned speaker and expert on NIST guidance, threat intelligence implementations, and strategic organizational initiatives. 

Nick Hnatiw

Partner & CTO

  • Grey LinkedIn Icon

Nick has more than 15 years of experience creating technologies spanning network security to artificial intelligence and robotics. He has served as the founder, majority owner and CEO of a network security firm and as a technical director within US Cyber Command. As CTO, Nick is responsible for the creation of repeatable processes and to drive the technical direction of the technologies.

Akash Desai

Partner & Head of Channel

  • Grey LinkedIn Icon

Akash has founded and exited two high-growth SaaS companies. His expertise revolves around building and motivating a team and creating a vision and strategy for a company and translating those into actionable and measurable tactics.  Akash is adept at growth strategy (via acquisitions, engineering high same-customer growth, and channel partner development), product strategy, and operations.

David Chasteen

Partner

  • Grey LinkedIn Icon

David has been a leader and communicator in national security and information security for two decades, with a particular focus on NIST framework, critical infrastructure security and advanced threat intelligence. He has built best-in-class, collaborative programs at local, federal and nonprofit institutions and has a passion for community service, change leadership and fostering inclusive organizational cultures. He currently supports San Francisco area clients as their virtual CISO.

 

David was most recently the CISO for the San Francisco Police Department and previously served as the Executive Officer of the CIA's Covert Action Staff, a CTO at L-3 MPRI and a founding member of Iraq and Afghanistan Veterans of America. He was technical consultant for Amazon's Jack Ryan.

Joe Klein

Partner

  • Grey LinkedIn Icon

Joe Klein is a cybersecurity executive with 20+ years experience working to improve overall security posture of organizations and ensure the confidentiality, integrity, and availability of IT infrastructure. Seasoned at serving as a trusted advisor to senior executives, Mr. Klein is skilled at assessing cybersecurity maturity, long-term strategic planning, security product evaluations, project management, incident response planning (IRP), data protection, identity & access management, and security awareness training. 

 

He has previously served as CISO for the financial technology SasS company, Billtrust as well as the industrial battery manufacturing firm, EnerSys.  

 

Mr. Klein has earned a Masters Degree in Cybersecurity from University of Delaware, a Masters Degree in Information Systems from Drexel University and holds both CISSP and PMP certifications. 

Bill Roberts

Principal Consultant

  • Grey LinkedIn Icon

For the last 25 years Bill Roberts has built out a comprehensive cyber security programs and continued as a leader in all aspects of information technology within the Life Sciences sector. He has extensive experiences with security, privacy, and compliance Frameworks, such as NIST CSF, HIPAA, SOX ITGC and GDPR.  In addition, he has participated in 10+ M&A due diligence and integration projects including 2 divestitures of company assets.      

 

He has most recently served as the VP, IS & CISO for Hologic, Inc a global medical device company where he established Hologic’s Cyber Security and IT Compliance Programs.  In addition, he led the Infrastructure Services, International IS and served in IS Divisional Leadership role for the Surgical Division. 

 

Previously to Hologic he was VP of IS for Cytyc Corporation which was acquired by Hologic in October 2007.  At Cytyc he managed Global IT as the company grew from 140 employees to over 1500 and revenue of $40 million to over $750 Million.

Sean Lowder

Principal Consultant

  • Grey LinkedIn Icon

Sean K. Lowder has been a cyber security evangelist and practitioner in the industry for 20+ years. He has extensive experience building business-savvy cyber security programs that meet risk reduction requirements as set by the company.  He has various industry certifications, including Certified Information Security Manager, Certified Information Systems Auditor, Certified in Risk and Information Systems Control, Certified Information Systems Security Professional, and others. 

Mr. Lowder has extensive experience in preparing for SOC1, SOC2, HIPAA, PCI DSS, Hitrust and financial auditing for all information security areas. He specializes in the maturation of the risk and compliance management practices and development of a strategic plan and technology roadmap for all security technologies and practices.

Gregory Crabb

Principal Consultant

  • Grey LinkedIn Icon

Gregory Crabb is a security and risk management executive focused on helping organizations improve their cybersecurity practices. Until March 2021, Greg led the information security practice at the US Postal Service as the Chief Information Security Officer. As a component of the US critical infrastructure, Greg protected the organization from a variety of nation state led attacks; including securing the 2020 election. For twelve years, Greg was a principal sponsor for applied security research at Carnegie Mellon’s Software Engineering Institute. Greg has developed and applied proven methods to secure your most critical information and technology assets, including NIST 800-171 controls.

 

As a recently retired federal law enforcement officer, Greg led a storied investigative career focused on Eastern European cybercrime arresting cyber adversaries responsible for a variety of attacks; including financial crimes, data theft and extortion. Threat is the most volatile component of the risk equation. Greg’s unique perspective on the adversary allows him to guide a threat based approach to cyber response and defense.

Mike Waters

Principal Consultant

  • Grey LinkedIn Icon

Mike Waters has more than 20 years broad experience in information technology and cyber security. As a CISO, he built the cyber security defenses for a major global defense and intelligence contractor from the ground up. He has provided strategic and tactical consulting for multinational defense contractors, manufacturers, law firms, and software companies.

 

Mike is particularly skilled in helping clients achieve both regulatory compliance and real security. He has led and managed teams of managers, consultants, incident responders and analysts.


He has a Masters Degree in Computer Science from Johns Hopkins University and holds a CISSP certification.

Miguel San Mateo

Principal Consultant

  • Grey LinkedIn Icon

Miguel is a management consultant and security practitioner with over 2 decades of experience, he also recently led business intelligence and enterprise security efforts at a large healthcare system based in the Pacific Northwest.  Most recently, he was involved with a healthcare start-up in the medical device and services segment.

Miguel is a Board Advisor (Board Member Emeritus) of the San Francisco Bay Area InfraGard Chapter after he served on the Board of Directors from 2018-2019.  Miguel was also previously the Chapter President and served on the Board of Directors of the Oregon InfraGard, a partnership between the FBI and the private sector, which aims to prevent, detect, mitigate and investigate attacks on the nation’s financial infrastructure and other critical infrastructures, and is also a member of the US Secret Service Electronic Crimes Task Force (USSS ECTF) established in 2001 with the USA Patriot Act, with the common purpose of the prevention, detection, mitigation, and aggressive investigation of attacks on the nation’s financial and critical infrastructures.  

Matt Farry

Director,

Risk Management

  • Grey LinkedIn Icon

Matt Farry has over 15 years of experience in information security program creation, adoption and maintenance. Specializing in risk assessment and management, he has evaluated hundreds of organizations security postures and worked with executive leaders and boards to collaboratively create plans of action for the reduction of information security risk to acceptable business levels.


As the Director of Compliance and Risk Management, Matt is responsible for the development and delivery of compliance and risk assessments from all members of the Compliance and Risk Management team.

With experience in a wide variety of industries, standards and regulations, including HIPAA, SOC2, NIST, ISO and many others, our mission is to provide accurate and actionable results to help your business succeed.

Justin Armstrong

Advisor

  • Grey LinkedIn Icon

A programmer for most of his life, Justin has worked in Software Development at MEDITECH for over 20 years and is responsible for the security of MEDITECH applications and platforms. In addition to his experience with product development and a secure SDLC, he has assisted healthcare organizations around the globe with cybersecurity preparedness and incident response.

Malcolm Harkins

Advisor

  • Grey LinkedIn Icon

Malcolm Harkins is currently an independent board member and advisor to organizations.  He is also an executive coach to CISOs and others in a wide variety of information risk roles.  Previously Malcolm was the Chief Security and Trust Officer at Cylance Inc.  In this role he reported to the CEO and was responsible for enabling business growth through trusted infrastructure, systems, and business processes. Malcolm was also previously Vice President and Chief Security and Privacy Officer (CSPO) at Intel Corporation.  In that role Malcolm was responsible for managing the risk, controls, privacy, security, and other related compliance activities for all of Intel’s information assets, products, and services.