Ed is a Partner leading Withum’s Cybersecurity Consulting Services practice. He has over 30 years of cybersecurity experience across the healthcare and manufacturing industries, with 20 years specifically focused on cyber and information security for financial services.
Ed’s knowledge spans maintaining domestic and international cybersecurity program development and operations. As a Certified Information System Security Professional (CISSP), Ed helps clients strengthen business operations involving Cybersecurity, Data Privacy and Regulatory Compliance, Physical Security, 3rd Party Risk Management, Operational Risk, and Enterprise Risk Management.
Prior to joining Withum, Ed was a Managing Director in the Integrated Cyber Practice at a Big 4 Accounting Firm. He also led a cybersecurity and operational risk practice at a management consulting firm. A forerunner in his industry, Ed was a founding member of the IBM Information Governance Council.
Learn more about my professional experience and how I spend my time outside the firm.
Education:
Professional Affiliations:
Ed is respected thought leader in the industry and has co-authored and published points of view and articles on cybersecurity, privacy, GDPR, effective governance, and board reporting.
Ed and his family are active in their church and support multiple local charities. They coordinated a backpack for the homeless drive during the holidays for over 5 years that brought needed clothing packed into a new backpack for homeless men and women in Cleveland. Each year approximately 150 men and women received new items at the holidays.
Ed has been married to his wife Lisa for 28 years, and they have three children. When not working Ed enjoys watching sporting events (football and baseball are his favorites), playing golf, and traveling.
The first quarter of 2026 has made one thing abundantly clear: attackers are no longer “breaking in” — they’re logging in, redirecting, impersonating and exploiting trust at every layer of the digital ecosystem. From app store impersonation kits to nation state account hijacking to regulatory decisions that may unintentionally weaken home network security, Q1 has…
Cybersecurity risks evolve quickly and organizations continue to look for practical ways to put cybersecurity best practices into action. This FAQ distills key guidance from our cybersecurity team into clear, straightforward answers and cybersecurity tips that help strengthen resilience. This FAQ covers: Cybersecurity FAQs 1. How often should I update and modernize my business software?…
As of September 30, 2025, the Cybersecurity Information Sharing Act of 2015 (CISA) has expired without reauthorization. This cyber threat sharing law previously enabled and protected the voluntary sharing of cyber threat indicators between private entities and the federal government. Key Implications for Organizations Key Legal and Compliance Risks The expiration introduces a complex web…