OCC Names former State Street and Department of Defense Information Security Officer as Chief Security Officer

May 01, 2017
Chicago -

OCC, the world's largest equity derivatives clearing organization, today announced the appointment of Mark Morrison, formerly with State Street Corporation and several government defense and security agencies, as Senior Vice President and Chief Security Officer, a new position. Morrison will report to John Fennell, Executive Vice President and Chief Risk Officer.

"To deliver world-class risk management, clearance and settlement services, we must ensure the confidentiality, availability, and integrity of our systems on behalf of market participants in our role as a Systemically Important Financial Market Utility," said Craig Donohue, OCC Executive Chairman and Chief Executive Officer. "With over 35 years of experience in the field of information and cyber security, Mark brings a high level of expertise to our risk management team. His leadership will help OCC continue to integrate information security best practices into our service offerings, reduce systemic risks, and safeguard the integrity of the markets we clear."

At State Street Corporation, Morrison served from 2013 to the present as Senior Vice President and Chief Information Security Officer. In this role, his responsibilities included providing strategic direction and oversight of the company's information security program, concentrating on cyber security defense, identity and access management, cyber threat intelligence, cloud and virtualization security technologies, and risk-based information security architecture. Morrison also integrated cyber security into the project management lifecycle of the information technology development activities of State Street by effectively factoring information security best practices into overall enterprise risk.

From 2012 to 2013, Morrison served as Principal Director to the Deputy Chief Information Officer, Cyber Security and Deputy Chief Information Officer for the U.S. Department of Defense . Among his many responsibilities, he developed the enterprise information security architecture for the DoD Joint Information Environment that will support mission critical operations being delivered to strategic and tactical assets operating in over 6,000 locations worldwide by over 3.7 million users. Morrison also provided leadership and oversight of the Defense Industrial Base cyber security threat information exchange program.

Morrison worked for the Office of the Director of National Intelligence from 2009 to 2011 as Director, Intelligence Community Information Assurance and Intelligence Community Chief Information Security Office. In this role, among other responsibilities, he served as the Chief Information Security Officer, leading the sixteen-agency U.S. intelligence community in the areas of information security policy and planning, systems security analysis, risk management, and implementing cyber security defense tactics, techniques and procedures.

From 2005 to 2009, Morrison served as Chief Information Security Officer for the Defense Intelligence Agency, where he provided executive information systems and network technical expertise and leadership to the Director and Chief Information Officer by leading the agency's Information Assurance Office. From 2002 to 2004, he served as Principal Security Engineer for The MITRE Corporation, which included managing a 14-person security engineering team responsible for testing and deploying an intelligence community-wide identify and access management infrastructure. Morrison also worked for the Defense Intelligence Agency as a Senior Information Security Analyst from 1998 to 2004, from 1985 to 1998 as a principal security engineer for The MITRE Corporation, and from 1981 to 1985 as a computer security analyst for the National Security Agency.

Morrison graduated from the University of Massachusetts at Amherst with a Bachelor degree in Economics.