55 E 52 Street
Terry Mason is a Vice President in the Cyber Risk practice of Kroll, a division of Duff & Phelps, based in the New York office. With a unique combination of business acumen and technical expertise, Terry has 15 years of experience leading the development and implementation of strategic information security initiatives within complex regulated environments. He has a strong track record for promoting adherence to industry-specific regulations and guidelines for cybersecurity, such as those associated with the Securities and Exchange Commission (SEC), National Futures Association (NFA), Financial Conduct Authority (FCA), and Securities and Futures Commission (SFC).
Prior to joining Kroll, Terry held leadership roles with Elliott Management Corporation, a large multi-strategy activist hedge fund. As Head of Information Risk & Technology Governance he strengthened multiple dimensions of cybersecurity at the firm. His achievements include realizing over 60% improvement in staff ability to identify potential cyber threats; devising data protection strategies to evaluate information security of over 50 external SaaS platforms; improving the efficiency of vendor review processes, increasing capacity by 500% and decreasing costs by 60%; and managing proof-of-concept, roll-out and policy development for a mobile threat defense solution for personally-owned staff mobile devices. Terry led technology audit activities for SEC mock audits, market data usage, and annual accounting audits to ensure protection of corporate assets, adherence to vendor agreements, and alignment to business goals.
Terry also has expertise in the emerging cryptocurrency space where he developed transactional assurance processes and standards in the areas of AML, KYC and cybersecurity for cryptocurrency exchanges and trading platforms. In a representative engagement, Terry performed a cybersecurity audit for a bitcoin exchange seeking a New York state BitLicense.
Education and Certifications
- B.A., English, State University of New York at Oswego
- CGEIT – Certified in the Governance of Enterprise IT
- CISM – Certified Information Security Manager
- CISSP – Certified Information Systems Security Professional
Affiliations and Memberships
- Financial Services Information Sharing and Analysis Center (FS-ISAC)
- New York Electronic Crimes Task Force (NYECTF)
- Information Systems Security Association (ISSA)