Sara Ricci

Sara Ricci is an internationally sought after speaker, mentor and C-suite advisor with proven expertise in Risk Management and Technology enablement in highly regulated financial and energy sectors, information technology services and retail. She specializes in global leadership of strategic initiatives in Enterprise Risk, Resilience, Operational Risk, IT Risk/Information Security, including Cybersecurity and Third Party Risk Management.

Her role as Global Head of Oversight and Control, Strategic Sourcing at JPMorgan Chase followed similar wide ranging and impactful positions at Citi, Bank of America and UBS. Sara also leverages experience as Head of Information Risk Governance and Resilience at HBC and executive roles at HCL Technologies and New York Power Authority to lead transformational change and implement risk and resilience programs in multiple industries.

Sara actively collaborates with public and private organizations and helped develop guidance for the financial and energy sectors. This includes working with Carnegie Mellon University’s Software Engineering Institute on the Resilience Maturity Model developed by FSTC (Financial Services Technology Consortium) that became the precursor to the RMM (DHS) and the C2M2 Cybersecurity Maturity Model (DOE). She also developed whitepapers and led benchmarking studies in Risk Appetite and Resilience for LPPC (Large Public Power Council). Most recently, she was involved with contributing to the update of the NIST Cyber Security Framework to NIST CSF V2.0, NIST Privacy Framework to NIST Privacy Framework 1.1 and continues to engage with NIST on other initiatives.

Some highlights of Sara’s involvement with academia include, panel discussion at Columbia University, guest lecture at BIMTECH (Birla Institute of Management and Technology) and collaborating in preparing a Management Development Program for Executives for BIMTECH.

Sara Ricci is frequently invited to speak on a wide variety of topics. Recent examples include speaking on Cybersecurity and Resilience topics at SecureWorld (New York and Philadelphia), CeFPro (Nashville, New York), Executive Women’s Forum (San Antonio), Cisco Employee Group, SANS, TechTarget, ISACA (New York), QA Financial Forum (New York), Disaster Recovery Journal (Dallas), Global Resilience Federation (Orlando); AI in Investment Risk at GARP (New York); Roundtable on ERM (India) and several other events.

She is a trusted adviser and mentor to executives, including volunteering as a Master Mentor for Executive Women’s Forum.

Sara was recognized as one of Top 25 Women of Influence in cybersecurity by an industry group that included Team8 CISO Village, NYSE, AWS, SVB, Meitar and Goodwin.

She strongly supports the Risk Management and Technology disciplines as a member of GARP, PRMIA, RMA, ISACA, DRI, and ACP.

Sara holds an MBA (Finance and Management) and is certified in CBCP (Business Continuity), CRISC (Risk and Information System Controls), HSEEP (Emergency Management), CDPSE (Data Privacy), SCR (Sustainability and Climate Risk).