Steve Hydock
Principal Consultant, Cybersecurity and Risk Practice
Mr. Hydock has over 30 years of experience in the cybersecurity and information technology field. Over his highly distinguished career, Mr. Hydock has worked on, managed, led, and consulted on numerous technology-driven cybersecurity endeavors. In addition to his work in the government, public, and private sectors, Mr. Hydock is an accomplished technology startup business owner, college professor, and textbook author. Some of the companies that Mr. Hydock has worked for over the years include the National Security Agency (NSA), the University of Penn State, the University of Pittsburgh, the University of Pittsburgh Medical Center (UPMC), Pittsburgh Technology College, FORE System, the Armstrong Group of Companies, Ketchum, Smith Micro Software, Marconi, Westinghouse Electric Company, and Alcoa. Of particular note are Mr. Hydock's vast technology experiences with public relations firms, cable operators, colleges/universities, public utility organizations, medical providers, manufacturing organizations, technology start-ups, and established technology companies.
Mr. Hydock is an accomplished security architect, technology operations director, and cybersecurity risk management leader. Mr. Hydock has led numerous large-scale Corporate IT and OT cybersecurity initiatives, secured extensive on-prem and cloud-based environments, and successfully managed multiple in-house and remote information technology workforces. In addition to his extensive information technology experience, Mr. Hydock has authored and implemented many cybersecurity policies and framework initiatives to align with the Center for Internet Security (CIS), NIST, ISO 27001, SOC2, HIPAA, and GDPR. Mr. Hydock's inciteful, experienced, and communicative approach to technology, risk, and cybersecurity successfully threads the needle between technology operations, risk management, and business leadership acumen.
Recently selected client assignments include:
- Secured the cloud-based systems, IT operational facilities, and on-prem/cloud-integrated data centers of over 15 companies ranging from small startup organizations to large multi-national public organizations.
- Successfully split the network infrastructures and OT environments of two Fortune 500 manufacturing plants into two operating entities while improving their overall security postures and ensuring compliance with the Sarbanes-Oxley (SOX) Act.
- Architected and directed the implementation and operations of a new Corporate IT and OT vulnerability management system across 50 locations worldwide for a large public organization.
- Secured the corporate IT and mining OT facilities of a Middle Eastern country that was in a joint venture with a large public company in the United States.
- Improved the overall security operations of the Corporate IT and OT networks of several Nuclear Power Plants based in the United States.
- Architected, implemented, and managed the creation and operations of four (4) worldwide on-prem and cloud-integrated Data Center facilities that contained between 2 and 50 racks of corporate IT and networking equipment for a public organization based in the United States.
- Established the security framework for a global SDLC for a worldwide public organization.
- Numerous SOC 2 readiness and audit examinations for SaaS companies.
- Provided cybersecurity guidance and information technology leadership for a well-established publicly traded company.
