Mandy Andress is currently the CISO of Elastic and has a long career focused on information risk and security. Prior to Elastic, Mandy led the information security function at MassMutual and established and built information security programs at TiVo, Evant, and Privada. She worked as a security consultant with Ernst & Young and Deloitte & Touche, focusing on energy, financial services, and Internet technology clients with global operations. She also founded an information security consulting company with clients ranging from Fortune 100 companies to start up organizations.

She is a published author, with her book Surviving Security having two editions and used at multiple universities around the world as the textbook for foundation information security courses. Mandy also tested and reviewed information security products for multiple publications as well as serving as the author for the weekly InfoWorld security column. She has been a sought-after expert in the field, speaking at signature security conferences such as BlackHat and Networld+Interop. In addition, she has taught a graduate level Information Risk Management course for UMass Amherst in the College of Information and Computer Sciences.

Mandy has a JD from Western New England University, a Master’s in Management Information Systems from Texas A&M University, and a B.B.A in Accounting from Texas A&M University. Mandy is a CISSP, CPA, and member of the Texas Bar.