Annessa McKenzie
CISO
ConocoPhillips
Give us a brief overview of the path that led to your current role.
My path was not a direct one by any means, and hopefully, that will encourage others that where you start is not always where you end up. I started my career as a basketball coach and worked my way through college for the DEA, where I learned about IT Infrastructure and Analytics. A turn of events redirected me to join PricewaterHouseCoopers to consult a large consumer packaged goods company through their strategic transformation on process controls and SAP security. That experience allowed me to join Baker Hughes on the journey of a global SAP deployment across 1,400 locations in 80 countries.
When I thought the world of security could not take me any further, I was offered the opportunity to be on the team at Baker Hughes to develop our first CISO Office. The rest is a pretty standard course. After a few years, I became the CISO at Baker Hughes, and after building that program, I saw opportunities outside. I decided it was time again to start a new program at Calpine, where I have been the past six years taking on progressively larger roles beyond CISO – including IT Governance, Risk & Compliance, Business Continuity & Crisis Management, Facilities, Physical Security, and now serve as both CSO and VP of Supply Chain. After almost seven years at Calpine, I began my current role as the Chief Information Security Officer at ConocoPhillips.
Learn more about leaders in the Houston CISO community here.
What is one of your guiding leadership principles?
- Grow your talent – it’s far more rewarding than you’ll ever know
- Always be open to opportunity – you never know where it may take you
- You never know who’s watching, so always try your best
With disruption being a key theme of the past year, where do you see your role as a CISO going in the next 1-2 years?
As a CISO, it is important that we are leading our business through the evolving threats and managing our risks. As technology and innovation drive our businesses, we must ensure we align the proper safeguards to ensure the continuity of our business operations no matter the threat. We must also continue to position ourselves as trusted advisors with a steady hand that can steer through the uncertainties no matter how difficult they may be.
What advice would you give to someone just starting in the role as a CISO?
Putting in place a security program takes time, discipline, and enterprise-wide ownership – it will not occur overnight. To begin you should start foundationally by learning your business and establishing strong relationships to guide your pathway to success.
Tell us 3 fun facts about yourself.
- I love sports – all of them!
- Leading teams and growing talent is my passion.
- Being in Security is FUN! Even when it’s hard!
What is the value of participating in a professional community through Evanta?
I have been a member of Evanta since 2012, and the experiences, as well as the professional relationships established, have been invaluable. The introductions to ‘new’ CISOs (even former employees who have risen to the CISO ranks) have been great, and it’s nice to be able to mutually encourage each other along the journey.
Evanta Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.
by CISOs, for CISOs
Join the conversation with peers in your local CISO community.