Our Subject Matter Experts
Brian Rankin
Head of Cybersecurity Services
Brian brings more than 20 years of experience in cybersecurity, IT operations, and vulnerability management to his role as Head of Cybersecurity Services at USDM Life Sciences. He has a proven track record of designing and implementing security protocols, improving processes, managing incidents, and mitigating risks. Brian’s leadership is characterized by his ability to build effective teams, enhance productivity, and achieve outstanding cybersecurity outcomes.
Brian has extensive experience managing cybersecurity incidents, including insider threats and external attacks. He has developed tailored cybersecurity frameworks, authored white papers on medical device cybersecurity, optimized incident response plans, and achieved significant reductions in response times and enhancements in security posture.
Before joining USDM, Brian served as Senior Security Program Manager and Chief Information Security Officer (CISO) at BitMEX, where he achieved ISO 27001 compliance and developed secure cryptography-focused custody solutions. His previous roles include key positions at Carneros Bay, SigFig, Ripple, and Monitise, where he drove cybersecurity strategies, improved security resilience, and managed extensive security portfolios.
Brian’s career is also marked by his service as a Captain in the U.S. Army Corps of Engineers, where he gained valuable leadership and technical skills that have contributed to his success in the cybersecurity field.
Brian holds an MBA from Golden Gate University and certifications as a Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM). He also completed the CISO Executive Program at Carnegie Mellon University.
Brian currently resides in the San Francisco Bay area. He enjoys hiking, mountain biking, and spending time with his family.
Brian’s projects at USDM include:
- Virtual CISO: Managed the development and implementation of customized cybersecurity programs for life sciences clients to enhance their security posture.
- Incident Response Optimization: Refined client incident response plans and acted as an incident response go-to person who significantly improved response times and ensured swift mitigation of security incidents.
- Cybersecurity Assessments: Conducted comprehensive CIS18 and NIST CSF assessments to provide detailed evaluations and actionable recommendations to enhance clients’ cybersecurity measures.
- Quality and Validation: Provided specialized knowledge in quality, systems validation, and regulatory compliance and oversaw the lifecycle of client quality management documentation.
- Vendor Audits: Planned and executed thorough audits of suppliers and software solutions to ensure that they met NIST cybersecurity standards and 21 CFR Part 11 requirements.
- Third-Party Risk Management: Developed TPRM programs that encompass both IT and QC to identify and mitigate critical third-party risks to the business.
Brian's Recently Published Resources
Blogs
- Penetration Testing in Life Sciences Lab Environments
- Cybersecurity in Medical Devices: How Did 524B Come About?
- The Importance of CIS Critical Security Controls (CIS18) in Life Sciences
- AI, Adversarial Attacks, and Insider Threats in Life Sciences
- Deepfakes and Financial Fraud
- Cybersecurity Challenges and Solutions for Emerging Biotech Companies
- Managing Generative AI Risk for Life Sciences Use Cases
- Reducing Cybersecurity Risks: A Primer for Emerging Life Sciences Firms
White Paper