Governing Body Spotlight

Lucia Milică Stacy serves as Global Chief Information Security Officer at Stanley Black and Decker, Inc, a Fortune 500 American manufacturer of industrial tools and household hardware. She is a senior technology leader with extensive technical and business experience. In her previous role, Lucia was the VP, Global Resident CISO at Proofpoint, a leading cybersecurity company. Additionally, she served as VP, Chief Information Security Officer & Chief Privacy Officer for Polycom, where she managed all aspects of data privacy and information security. 

Lucia has also extended her contributions to her profession by serving as an advisory board member and active participant with the cybersecurity industry and relevant industry groups, including policy council and board membership on the National Technology Security Coalition, and service with the Department of Health and Human Services (HHS) 405(d) Cybersecurity Task Group, SC Media Advisory Board, and Forbes Technology Council. Lucia has been featured in Harvard Business Review and The Wall Street Journal and is the recipient of the 2023 Cybersecurity Women of the Year Award, 2024 Top Global CISOs by Cyber Defense Magazine, Cyber25 Women of Impact by Team8 and NYSE to name a few. She has a Master of Science in Information and Cybersecurity degree from the University of California, Berkeley. Lucia also holds Master in Business Administration and Juris Doctorate degrees.

A fun fact about Lucia is her joy for travel and staying active with sports like golf, tennis, equestrian and skiing.

Learn more about the Global CISO Community and Denver CISO Community.
 

Give us a brief overview of the path that led to your current role.

I started my career as an IT systems engineer and continuously took on additional challenges. The pivotal time in my career was during law school, while also working full time as an IT and security leader. It was during that time that I elected to focus primarily on cybersecurity and privacy. 
 

What is one of your guiding leadership principles?

Making THE difference, through transparency, commitment, surrounding myself with people smarter than me and asking lots of questions.
 

What is the greatest challenge CISOs face today, and how are you addressing it?

The biggest challenge is managing cyber risk in an environment of accelerating complexity and accountability, amid an expanding attack surface, AI-driven threats, regulatory pressure, or Board-level accountability. Aligning security with business risk, prioritizing resilience and leveraging AI for defense are few examples of approaches to addressing today's challenges.
 

What is the key to success for someone just starting out as a CISO?

The key to success is building trust and credibility quickly while aligning cybersecurity with business objectives. This means focusing on clear communication with the board, prioritizing risk-based decision-making over technical minutiae, and fostering a culture of collaboration across the organization.
 

How do you measure success as a leader?

Success as a security leader means reducing business risk while enabling growth, earning stakeholder trust, and building a resilient security culture that can withstand and adapt to evolving threats. Compliance or tool deployment will not suffice.
 

What is the value of being a member of Gartner C-level Communities?

Gartner C-level Communities brings together top-level talent and high-level interactions between peers and curated key vendors that are core to what we do. They deliver content rich events, while also allowing for more personal, candid conversations.
 

Governing Body members share their insights and leadership perspectives to shape the agendas and topics that address the top priorities impacting business leaders today.