Nick Graf

Nick Graf Consulting Director, Information Security, Risk Control Nick serves as Consulting Director of Information Security for CNA’s Risk Control unit. Nick has more than a decade of information security experience and specializes in data leakage prevention, security policies, incident response, data breach and security awareness. Prior to re-joining CNA in 2011, Nick served as a Senior Analyst for Information Security Risk Assessment at HSBC. Prior to that role, Nick held roles in CNA’s Information Technology unit. He received a Bachelor of Science in Information Systems and a Master’s of Science in Computers, Information & Network Security from DePaul University. Nick holds the Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) and Certified Information Privacy Technologist (CIPT) designations. He has presented courses on privacy, big data, the cloud and healthcare risks, and has also written and contributed to articles regarding information risks, social engineering, mobile device security, phishing and personal password management.