Cybersecurity: The role of CISOs in today's business strategy

May 01, 2024

In this episode, PwC’s Global Cybersecurity & Privacy Leader, Sean Joyce and Deneen Defiore, Chief Information Security Officer at United Airlines dive into the world of cybersecurity and its growing importance in the C-suite.

They explore how Chief Information Security Officers (CISOs) are evolving beyond their traditional roles and leading the way in risk management, contributing more directly to the enterprise business strategy and bringing security to the table.

They also discuss the latest news events and tech advancements impacting their approach to cybersecurity. Listen in to explore the evolving role of CISOs, the collaborative opportunities that exist and more.

PwC Pulse podcast series landing page



About the podcast participants

Sean Joyce, Sean is a Principal in PwC’s Consulting Segment and part of the US Consulting Leadership team where he holds multiple leadership roles as the Global Cybersecurity and Privacy Leader, US Cyber, Risk and Regulatory Leader, and recently overseeing US Responsible AI, working across the Trust & Consulting Segments.

Prior to PwC, he held various roles focused on serving alongside those who defended and protected the American values we hold dear.

Deneen DeFiore, currently serves as Vice President and Chief Information Security Officer at United Airlines. She is responsible for leading the cybersecurity and digital risk organization to ensure the company is prepared to prevent, detect, and respond to evolving cyber threats. She leads initiatives on commercial aviation cyber safety risk, improving cyber resilience, and represents United working with international partners to reduce cyber safety risk world-wide across the aviation ecosystem.

Deneen is an accomplished technology and risk management executive with experience across multiple critical infrastructure sectors. She has expertise in advising global companies and their most senior executives on technology, cybersecurity, compliance, and digital risk decisions related to products, services, and operations.

Deneen currently serves as Vice President and Chief Information Security Officer at United Airlines. She is responsible for leading the cybersecurity and digital risk organization to ensure the company is prepared to prevent, detect, and respond to evolving cyber threats. She leads initiatives on commercial aviation cyber safety risk, improving cyber resilience, and represents United working with international partners to reduce cyber safety risk world-wide across the aviation ecosystem.

Deneen is on the board of the Aviation Information Sharing Analysis Center and the Chairperson of the Airlines for America (A4A) Cybersecurity Committee. She is an independent director on the board of directors at Blackbaud software. In 2022, she was appointed to serve on the President’s National Infrastructure Advisory Council (NIAC), advising the White House on how to reduce physical and cyber risks and improve the security and resilience of the nation’s critical infrastructure sectors.

She is passionate about diversity in the tech industry and promoting STEM education.

Follow her on X @deneendefiore


Episode transcript

Final episode transcript below.

 

ANNOUNCER:

00:00:00:00 Welcome to PwC Pulse, a podcast to provide insights to help you solve today's business challenges.

SEAN JOYCE:

00:00:09:27 Hi, I'm Sean Joyce, Global Cybersecurity and Privacy Leader and US Cyber Risk and Regulatory Leader here at PwC. I'm excited to welcome Deneen DeFiore, Chief Information Security Officer at United Airlines to the podcast.

00:00:24:50 Today, we're diving into the world of Cyber Security and its growing importance to the C-suite and overall business strategy. We'll explore how leaders are collaborating across the organization so they can help put security at the epicenter of innovation.

00:00:40:23 Deneen, welcome to the podcast.

DENEEN DEFIORE:

00:00:43:02 Thanks for having me.

SEAN JOYCE:

00:00:44:22 Before we dive in, I've got some rapid-fire questions to get to know you a little bit better. What is your favorite city in the world to visit?

DENEEN DEFIORE:

00:00:54:22 I love lots of cities, but I think I like a small city in Belize. So Belize City is a nice place for me to be.

SEAN JOYCE:

00:01:03:04 All right. What did you do in Belize?

DENEEN DEFIORE:

00:01:05:06 We go there every year after Christmas, and I just like the culture and the vibe and the people. It's really nice to hang out there.

SEAN JOYCE:

00:01:11:12 Nice. All right. What is the last movie you saw in a theater?

DENEEN DEFIORE:

00:01:17:05 The Eras Tour. So I'm a Swiftie.

SEAN JOYCE:

00:01:21:11 So you actually saw the Taylor Swift concert in the theater?

DENEEN DEFIORE:

00:01:25:02 Yeah, and I went. I saw it live, too. And I'm going to watch it again on Disney Plus.

SEAN JOYCE:

00:01:31:08 All right. My daughter is a Swiftie too. All right. Best binge series?

DENEEN DEFIORE:

00:01:36:02 I like the British genre, so I really like The Crown or Downton Abbey. So those are the type of stuff I like to watch.

SEAN JOYCE:

00:01:42:26 All right. A book that you would recommend to our listeners.

DENEEN DEFIORE:

00:01:46:29 So I like to read things that take me out of reality. Right. So I don't have to think about it. It's not real. It's not heavy or anything like that. So there's a great series. It's called the Fever series. It's like an urban fantasy that is based on Celtic folklore, which is pretty cool.

SEAN JOYCE:

00:02:04:04 Wow.

DENEEN DEFIORE:

00:02:04:40 And some historic fiction. So it's by Karen Marie Moning. So that's what I like.

SEAN JOYCE:

00:02:08:13 I got to check that out. All right. So let's get into this. You mentioned your journey, and I'm a little bit curious. Everyone sort of takes different paths. I started out in IT, sort of what we call the programmer back then.

00:02:20:00 But looking across your career, it's very impressive across major companies like GE and United Airlines. Talk to us about how you started and not only your journey, but maybe helping some of the people out there.

00:02:37:17 What are some of the unique challenges that you faced and how you dealt with them?

DENEEN DEFIORE:

00:02:41:19 So, my journey into cybersecurity was probably not typical. I have a degree in Biology. I kind of fell into technology through my work in graduate school, from my studies there, and then moved into cyber, the right place at the right time while I was in my technology career.

00:02:58:40 And I think a lot of the lessons that I learned in that I take forward even to this day, it’s that you have to be a lifelong learner, right?

00:03:06:19 You have to be able to figure out how to learn new technologies, learn new concepts, understand everything that's going on in the pace that we work on with technology adoption and innovation. But that is not the only thing that you need to do.

00:03:18:08 Just because you're good at your job and you're smart and you're knowledgeable. You really have to advocate for yourself around what you want to do and how you want to do it.

00:03:29:29 I used to think early on in my career like, you know, I was doing great. I was getting great feedback. Everybody was saying, ‘Hey, you're really making a difference.’ Whatever. But I wasn't where I wanted to be and no one was going to get there except for myself. So, I had a bit of a sponsorship and mentorship that helped me realize that.

00:03:47:21 But in the end, you have to advocate for yourself and really be thoughtful and purposeful about what you want.

SEAN JOYCE:

00:03:53:29 So you've been a Chief Information Security Officer for a while, and I am sure you've seen the role evolve over several years. Especially, considering the changes in tech that we've all seen.

00:04:06:09 How would you like to actually see the role evolve? Not necessarily just how it has evolved, but how would you like to see it evolve in the next several years?

DENEEN DEFIORE:

00:04:17:17 I think one of the most notable changes that we've seen, and everybody is very familiar with is increased emphasis on Risk Management and Governance. The capabilities and skillsets that CISOs need to demonstrate are really around that risk management and governance.

00:04:31:40 Not only of cybersecurity risk, but how that integrates into the comprehensive risk framework like Enterprise Risk Management framework of the business that they're in.

00:04:40:21 We have to be way more proactive and forward looking because, like you said, the pace of things that are evolving, the innovation, the technology landscape, the response to that with regulations, right. You really have to be able to see around corners. I think as we move forward, there's two things that have been on my mind.

00:04:57:10 I think CISOs need to be really responsible for fostering the culture of cyber security and educating employees and stakeholders and partners at all levels of the organization around cyber threats and how their work and what they do on a day-to-day basis plays into the management and protection of that organization, that security conscious mindset.

00:05:22:19 In my industry, I have a little bit of a luxury in the fact that we can relate Cyber Security with Cyber Safety. So that culture of safety and aviation has been there for the 100 plus years that aviation has been a sector.

00:05:35:08 So finding that and really making sure that everybody understands that it's their responsibility, is really important and unique ways to be able to do that, that permeate that pervasive culture in your organization.

00:05:48:05 The other thing, too, is that we still have work to do to have CISOs work more closely with the business units, their Operations Team and stakeholders that they're integrated into the organization’s products, processes, services, whatever it is.

00:06:03:07 That the CISO Department office, whatever it is, organization is involved up front, whether it be Development teams, Operations teams, customer facing organizations, really, again, playing off that Cyber Security culture, but really embedding Cyber Security into the way we do business.

SEAN JOYCE:

00:06:21:25 Now those are great points. And you really talk about that, recognizing the multi-stakeholders within an organization. Tell me this. A lot of our listeners are in the C-suite, and we're talking from a CISO perspective.

00:06:37:10 And how that organization is leaning in. How would you actually talk to how the other side can lean in better?

DENEEN DEFIORE:

00:06:48:06 Right. If you are sitting in the C-suite, if you're a CEO, COO, CFO, whatever that may be, you really have to think of cybersecurity as a business risk, which I think a lot of organizations are doing that now. They're recognizing that, and they're treating it as a strategic priority, integrating it into the ERM framework that they may have.

00:07:07:28 But it's also important for the leaders, the senior leadership team, to make sure that they recognize that it's a holistic and cross-functional approach. It can't be siloed and delegated to the IT or Technology Department or even Cybersecurity Department.

00:07:23:10 It really needs to be a collaboration, and everybody has to be on the same page across the operation, whether it be Finance, Legal, Customer Service, to really understand everybody's goals, priorities, outcomes, to create a cyber security risk management strategy.

00:07:40:14 So that's I think, number one. And also that shift from the, I'll say cost center return on investment type of mentality to a strategic investment. It is like an insurance policy. So, you have to kind of think about it like the same way you think about your financial risk and your risk management strategies.

00:08:00:20 I think cyber security needs to be thought of that way versus show me the ROI, because you're not going to be able to do that until it's a reactive look, and by then it's too late. Right? So, I think that's important for the leaders to understand that shift in thinking about cyber as well.

SEAN JOYCE:

00:08:16:16 So talking about that ROI and a lot of C-suite for any investment are asking about that. And when we look at PwC’s 27th annual global CEOs survey, most US CEOs ranked exposure to cyber risk as a top three risk that their organization faces.

00:08:36:30 How should the C-suite and the board be thinking about their approach and how they actually oversee, manage and treat cyber risk and compare that to some of the more traditional risks, which you just mentioned, right?

00:08:51:21 When I look at the ops risk, when you talk about financial or legal, how should they be looking at that? Because I think a lot of boards and even C-suite members struggle with their approach here.

DENEEN DEFIORE:

00:09:02:26 There's a couple of strategies that I think work, and that's really to, number one, establish real, clear communication channels with cybersecurity experts and leaders within the company. And that's why the communication between the CISO, the executive leadership, and the board, it's not just going in there once every quarter and doing your 15-minute update, right?

00:09:24:50 It's really finding the cadence and channels to keep the leaders and stakeholders and board up-to-date and informed on emerging threats, security incidents, not only within your organization, but maybe in the industry, and then also ongoing regulatory and security initiatives that you are working on.

00:09:44:26 I think that education is really important. I'm not a fan of bringing in the board in for a tabletop exercise, but if it's a guided, facilitated conversation around a scenario or something, I think that helps people connect the dots and then they can step back from it and provide a little bit more strategic thinking around Risk Management. So I think that's really important.

00:10:08:12 The other thing that I would offer too, is that the traditional treating cybersecurity separate. I really do think integrating cybersecurity into the overall risk management frameworks is really important. It needs to be, cybersecurity gets a lot of attention, right?

00:10:23:20 It's, everybody wants to talk about it, but it needs to be integrated into the standard risk management processes. And then where it doesn't make sense, that's where you make the changes. It can't be a separate thing because then people are like, ‘Oh, it's separate. I don't understand it.’

00:10:35:06 These people need to figure it out because I don't have it in my regular cadence and operating mechanism. So I think that's important to recognize and understand as well too.

SEAN JOYCE:

00:10:45:10 And what's the cadence, if you don't mind sharing with us at United, how often do you present in front of the board?

DENEEN DEFIORE:

00:10:51:11 So I present to the board every quarter. So they're in the Audit Committee. So that's where we have Cyber Security Risk Management and Oversight. We also do periodic updates to the board on a monthly basis in the board package. And then I have one on ones with the head of the Audit Committee, as well as the Cyber Security designated expert on our board to talk about things that are going on.

00:11:13:10 It does two things. It helps them get educated and feel comfortable and ask questions in preparation for a larger discussion with the board, with the committee or the full board. But it also lets them have a conversation that we might not have in the boardroom. So they might want to talk about these specific things. And then again, it helps them connect the dots.

00:11:33:22 They can advocate for me, my program, our approach when we're in the boardroom or in the full committee. So it really helps, I think, foster the awareness and the education and the confidence in not only myself and how me and my team are managing the risk holistically for United, but in the board's ability to understand and manage that risk from their responsibilities as the governance leaders.

SEAN JOYCE:

00:11:57:29 That definitely sounds like a best practice. Are there any other recommendations or suggestions you’d give to other cyber leaders out there, or management to improve that engagement?

00:12:12:01 So relationships are number one, right? It's really fostering those relationships and making sure that you are a trusted and confident expert and that's how you're viewed. So, spend the time to get to know people, the stakeholders, the leaders, the board members, and develop those trusted relationships.

00:12:29:40 You do have a seat at the table you're presenting to them at the board meetings or whatever other forum, but you have to make the extra effort to really take it to the next level and show that you are not only a subject matter expertise, but you understand how that connects to their concerns, to the business strategies, to the other goals, the business goals, and the outcomes that the overall company is trying to achieve.

SEAN JOYCE:

00:12:53:27 So you just mentioned, I think, a really important point. You were talking about the business strategy, and I think a lot of times, not only CISOs, but their organizations are always solving for technical challenges. Can you share how United's business strategy in customer experience actually helps inform and shape your Cyber Security strategy?

DENEEN DEFIORE:

00:13:16:12 Sure, yeah. We take a look at a couple of different things as we're shaping our cyber security strategy. Of course, number one is the threat environment. You have to understand what threats that translates into the risks that your organization is facing. So always having an eye on the current and evolving and emerging threats.

00:13:33:10 But then if you take a look at the outcomes, right? The business environment. What are you trying to do as an organization? Are you trying to grow? Is it going to be an organic or organic? The growth, is it going to be lots of mergers and acquisitions, which is a different approach and strategy than if you were saying, we're going to grow organically, right?

00:13:53:50 Where are you going to do business? Are they in trusted countries and locations, or is it in high risk markets? Because that's where the growth is. So all those things that a business leader would be thinking about around how they're developing their outcomes and what they're going to do, you have to put yourself in their shoes and say, okay, yes, that's a market opportunity over here and here.

00:14:13:07 I get what they're trying to do because they want to achieve these whatever XYZ outcomes. What are the risks associated with that, and then how do we mitigate those risks to enable those secure business outcomes? Not be the blocker to say, ‘Oh, no, you can't do it.’ They're absolutely not.

00:14:29:08 It's really, really understanding what they're trying to achieve. How do you mitigate that risk? Whether it be a technology shift or architecture shift, even working with your government affairs folks to look at regulatory influences and changing some of the ways that the regulations are looked at or had there.

00:14:49:00 So it's important to be in those conversations and looking at your strategy from a business perspective.

SEAN JOYCE:

00:14:56:20 So really like that enabling function. Like you said, you're not the no stop. All right?

DENEEN DEFIORE:

00:15:00:21 That's right.

SEAN JOYCE:

00:15:02:10 And you were mentioning and, you know, you did obviously as a global company, how are you looking at the geopolitical risk and everything happening around the world?

DENEEN DEFIORE:

00:15:13:05 Yeah. So we partner again with our Aviation Security Team, with our government partners as well too. We do a lot of work with our government partners to understand what those risks are, and then we appropriately adjust. Safety and security is number one in Aviation and it is a priority for everybody. So we take a look at what's going on in the world.

00:15:35:20 We may adjust different things like Ukraine, Russia, any U.S. airline is not allowed to fly over Russia because when you fly over international airspace, you actually get charged, right? It's not free to fly.

SEAN JOYCE:

00:15:49:10 I did not know that.

DENEEN DEFIORE:

00:15:50:26 So in essence, if you're flying over Russian airspace, you’re sending money to the government. So we're not allowed to do that. So we adjust our flight routes and things like that to do that. But we're also monitoring from a cybersecurity perspective.

00:16:02:30 Okay. If that business change is happening, what does that mean from a cyber perspective? And how do we increase monitoring or detection controls around some of those things that are happening? So as the business changes because of those geopolitical things that are happening, the cyber security risk, anytime there's kinetic things that are happening, there's cyber things that are happening. And we have to adjust as well too.

SEAN JOYCE:

00:16:23:07 So one of the things I think, you know, you and I hear a lot is about resilience. And I think we've become numb to some of the headlines that we see every day about X, Y, or Z company being breached. What do you think cyber’s role is in promoting operational resilience?

00:16:42:06 And maybe what are some of the steps that you're taking at United to really enable this?

DENEEN DEFIORE:

00:16:49:02 So I think it's very important that we as cyber security leaders look at cyber security from a couple of different lenses. Of course, data protection that has been a big focus for everyone, and it's been a primary focus for a lot of organizations. You don't want data to be expelled. You don't want data loss. You don't want a data breach.

00:17:07:25 We all need to be prudent and put the protective and detective controls in there to protect our data, our internal data, our customers’ data as a priority. But there's also the resiliency factor, as you mentioned, for me and for our organization, uptime is key.

00:17:25:06 We run a 24/7 operation that's very interconnected, not only from a technology perspective, but from an ecosystem perspective. We're dependent on thousands of organizations and people to get a plane safely from point A to point B. So that resiliency of not only United Airlines as being able to detect, respond, and recover from a cyber-attack or a technology issue.

00:17:51:09 But also our ecosystem, our partners that we depend on and really managing that risk collectively. So we have a very strong collaboration with our partners, whether it be through threat and Intel sharing with our aviation ISAC and other partners like that to our own, we'll say, and party risk management program to developing one-on-one relationships with our key partners, like our regional airlines.

00:18:17:17 We need them to be just as strong and resilient as us. So I think it's important for us to do that. And then, of course, we also are looking at our cybersecurity strategy. And as the attacks evolve right from, okay, we're going to exfil data to destructive and disruptive attacks. What are the technologies that we need to put in place?

00:18:36:04 If it's amping up our DDoS protection to a more robust capability to workload segmentation, I'd say that looks at how we run the airline versus data category. Is this another concept that we're working on and implementing? So there's a few things that we're doing to make sure that we are able to reduce the impact of a cybersecurity incident.

00:18:57:09 But also recover quickly and get back to normal operations as fast as we can.

SEAN JOYCE:

00:19:03:02 Let me ask you a question here. Do you pay ransomware or don't pay your ransomware? I'm not talking about United. I'm talking about what's your perspective on that? A lot of companies out there want to sort of hear what, you know, the general, where do you think the thoughts are going in this space?

DENEEN DEFIORE:

00:19:18:01 My personal opinion is even if you pay the ransom, it's not the golden ticket, right? To recover from…

SEAN JOYCE:

00:19:24:10 Not guaranteed anything, right?

DENEEN DEFIORE:

00:19:25:11 Yeah. Not guaranteed at all, whatever circumstance, I mean, I don't like I think it's more of an art than a science, to be honest. I mean, you don't want to pay criminals. You don't want to feed into that system, right? And they can't be trusted. But if that is your only option, that's a tool in your toolkit to recover.

00:19:40:03 Now, again, it's not the golden ticket. So I told my leadership, I told my board, I said, ‘If we're in a situation where we decide to pay the ransom and we get the recovery keys, they're not guaranteed and it's going to still be months of recovery, right?’ So, it's an organizational decision based on probably the situation and context.

00:19:59:06 I don't like the idea of paying ransom. I don't want to feed into that system, but it is a option for organizations as they recover.

SEAN JOYCE:

00:20:07:16 All right. A podcast wouldn't be complete without talking about GenAI. Talk to me about how you're thinking in your organization, the opportunities and the risks that you're facing?

DENEEN DEFIORE:

00:20:21:29 Sure. Everyone's talking about GenAI, and we are, from an airline perspective, we are a leader in digital innovation and capability. So we've been thinking about AI for a long time, and we use that in a lot of our tools and systems. And then, GenAI, we've been working on that as well too.

00:20:37:07 The number one thing that you have to think about that is, again, how do you integrate that risk assessment and understanding of AI and the impact on the outcomes you're trying to generate into the framework that you have?

00:20:52:10 Right. So there's a lot of considerations. It's not just data privacy and security. It's model validation and testing. It's the skills and talent to that you need to be able to create trusted Gen AI solutions and building security and governance into those solutions as a priority.

00:21:11:07 So I think again, it is a cross-functional and holistic approach. You have to have that holistic view to say, is this a problem we want to solve? If it is, is it the right technology and the right approach to be able to solve that problem? What are the risks associated with it?

00:21:25:05 And if we are saying this is where we're going to go, then what are the things that we need to do in place to make sure that is a trusted solution and transparent as well?

00:21:34:27 Because, if you're using it for customer facing solutions or even with your own internal adoption of these technologies, people want to trust the technology that they are using.

SEAN JOYCE:

00:21:44:08 So as far as just integrating or implementing new technologies, are there any leading practices that you at United actually integrate into the process, or is there any advice you would give our listeners?

DENEEN DEFIORE:

00:21:59:23 Yeah, I don't think there's anything new or unique. It's just hard to implement, right? And hard to operationalize, especially as the pace of technology is so iterative and consumable. Getting it security by design or privacy by design, all those things upfront, it integrated into the approach, not just when you start to develop the technology, but when it's an idea of what problem you're trying to solve.

00:22:23:01 So if there's big initiatives, big kick-offs and things like that, the cybersecurity risks, data protection risk, privacy risk, all those things need to be in front and talked about at the inception and ideation, not when you're just starting to develop the solution.

00:22:38:20 And I think that makes a difference, and it's hard to do. And to be very clear, as cybersecurity professionals, I don't think we're going to be in every single conversation, right? So, pick the top three and call that success, because I think as your leadership or, or stakeholders or even people doing the day-to-day work, see that that integration into the ideation.

00:22:59:10 to the build, to the roll out, to the ongoing operations of whatever solution or problem you're trying to solve, makes it go faster, makes it more effective, makes it efficient, and makes it trusted.

00:23:12:18 I think you'll see people start to say, ‘Oh, okay, well, that makes sense then.’ It actually is a better thing to do that upfront. And then people start to change the way they work and think about those things proactively versus as a gate or a checkpoint in a process.

SEAN JOYCE:

00:23:28:22 All right. Last question, Deneen, as we wrap up here. So, you talked about sort of that enabling function. If you were sending a message to all the CEOs and board members out there, how can they actually help enable that CISO function in their organization?

DENEEN DEFIORE:

00:23:51:14 I think really to be a sponsor or an advocate of the cybersecurity organization and leading from the top, if the board prioritizes Cyber Security Risk Management, then other leaders and executives pay attention to it. If the CEO does the same thing and it's not, CEOs are busy.

00:24:12:02 They have a lot of things to think about, right? Cybersecurity is not on the top of their list every single day, but when it is important, they're able to call that out and advocate for you and understand. Or if they are able to connect the dots a little bit and pull you in to say, ‘Okay, well, I think this is something that you need to think about, right?’

00:24:31:00 I'll call that success. Right? So I think being an advocate for cybersecurity, when it is important to do that, not every single day, because I know everybody's busy. But when it's important, those leaders should be able to call that out and advocate for that program or the CISO and pull them in to make sure that they're getting the right outcomes and those risks managed.

SEAN JOYCE:

00:24:50:08 All right, Deneen. It has been great talking with you. Thanks for being here today.

DENEEN DEFIORE:

00:24:54:20 Thanks so much for having me. Appreciate it.

SEAN JOYCE:

00:24:56:29 It was great to hear your input on this important topic for organizations. It really gave our listeners actionable insights to work into their own strategies. And to our listeners, thank you for joining us on this episode of PwC Pulse.

00:25:11:08 I'd love to hear your thoughts about today's conversation. You can leave a review on your favorite podcast platform.

ANNOUNCER:

00:25:19:08 Thank you for joining us on the PwC Pulse podcast. Subscribe to PwC Pulse wherever you listen to your podcast or visit pwc.com/pulse podcast to hear our next episodes.

ANNOUNCER:

00:25:33:00 Copyright 2024 PwC. All rights reserved. PwC refers to the PwC network and or one or more of its member firms, each of which is a separate legal entity.

00:25:45:40 Please see www.pwc.com/structure for further details. This podcast is for general information purposes only, and should not be used as a substitute for consultation with professional advisors.

Contact us

J.C. Lapierre

J.C. Lapierre

Chief Strategy and Communications Officer, PwC US

Follow us