Security Risk Advisors (SRA), vendor of cybersecurity and services, announced the appointment of Suzanne Hall as CISO in Residence. In this role, Suzanne will serve as a trusted advisor to SRA and its clients, bringing deep expertise and thought leadership to strengthen cyber resilience and risk management across industries.
Tim Wainwright, co-founder and CEO of SRA, commented: “We are proud to welcome Suzanne to SRA. Her deep understanding of the cyber and regulatory landscape, combined with strong security leadership relationships, is invaluable as we continue to expand our services and stay aligned to CISO priorities.”
Hall brings a proven record of building and advising high-performing cyber organizations. Her leadership experience at EY and PwC spans global cyber defense, risk management, NIST/ISO alignment, identity and access management, regulatory readiness, and enterprise-wide transformation across diverse industries.
She has served as CISO and CIO for various brands, including Circle K, the American Red Cross, AARP, and the Washington Nationals. Recognized as a top industry leader, she has earned honors such as the National Information Security Executive of the Year, the CIO 100 Award, and the Executive Women’s Forum Woman of Influence. Featured in publications like the Wall Street Journal and CIO Magazine, Hall is also a sought-after speaker at premier events, including RSA and the Gartner Security Summit.
As CISO in Residence, she will help shape next-generation cybersecurity capabilities and deliver practical, business-aligned approaches to security, governance, and risk.
In February last year, Finite State and Security Risk Advisors SRA announced a partnership aimed at delivering advanced security solutions for automotive, medical, government, and industrial markets. The collaboration will empower organizations to better protect their assets, optimize their application security posture, help achieve regulatory compliance, and accelerate go-to-market initiatives.
The partnership is a strategic response to rising regulatory requirements such as the Food and Drug Administration’s (FDA) Final Cybersecurity Guidance, the EU Cyber Resilience Act (CRA), and Executive Order 14028.
