Shay Colson is a director in the Kroll’s Information Management and Governance practice and leads the Assessment Team for CyberClarity360™, a ground-breaking solution that helps organizations understand and manage their exposure to supply chain cyber risk through a fully transparent scoring system. Shay has over a decade of experience in cybersecurity and information assurance, with a focus on designing and building secure systems. He is a proven innovator in exponential technologies, having been inventor or co-inventor on nearly a dozen patents around 3D printing, self-driving cars, drones, blockchain and smart-contract technologies.

Shay joined the firm from the U.S. Department of the Treasury, where he led vulnerability identification and technical security efforts, including serving as Security Lead for Treasury’s cloud-based integrated talent management platform. Shay’s expertise was exercised to identify, deliver and facilitate cybersecurity and risk management strategies that improve security posture. He is an expert in the NIST Cybersecurity Framework and 800-53 control set.

Previously, Shay was the Chief Information Security Officer at Medical Information Network, a regional health information exchange, where he led strategic risk assessment and remediation activities, coordinated daily security operations and created a sustainable security taxonomy designed to scale. He has held numerous other information assurance positions, including with the United States Senate, the Cloud Security Alliance, as a consultant to critical infrastructure and private aviation firms, and has co-founded and worked for several startups in both San Francisco and New York.

Shay holds a Master of Science degree in Information Management and a Certificate of Advanced Study, Information Security Management from Syracuse University, as well as a Bachelor of Arts degree from the University of Washington. He is a Certified Information Systems Security Professional (CISSP).

Colson /en/our-team/shay-colson /-/media/assets/images/headshots/directors/shay-colson.jpg people {7B43EE63-F3E0-4413-8F0F-90C06F0BC352} {7FCB75E6-D40F-4DAA-9A0F-4B869A8E762F} {ABF5003B-CDDB-43F4-A7A5-CF54ACF36699} {E39587AD-8F0B-4FE2-865F-969BC5501096} {8BCCA831-44C4-4CD0-9458-841A33C8BACF} {92E53255-2170-4325-8694-79CAF8ADF4AE} {69E1BC71-3A09-4508-928B-0D8596DD4FF7} {67F76C2C-C03D-4CD7-8519-7B9E0B3905DD} {2DEEE4D2-8278-4C50-B3FF-1563BB257804}

Other Areas We Can Help

CyberClarity360

CyberClarity360

Efficiently assess and confidently track the security and resilience of third parties with CyberClarity360, a robust third-party cyber risk management solution

CyberClarity360
Cyber Risk

Cyber Risk

Global, end-to-end cyber risk solutions.

Cyber Risk
Supply Chain Risk Management Services

Supply Chain Risk Management Services

Helping clients build resiliency by proactively identifying, assessing, mitigating and monitoring their hidden supply chain risks.

Supply Chain Risk Management Services
CCPA Compliance Assessment | Cyber Risk | Kroll

CCPA Compliance Assessment

Data privacy and compliance experts translate the technical into practical and cut through less-than-specific legal requirements to navigate the CCPA compliance journey.

CCPA Compliance Assessment
Contract Lifecycle Management (CLM)

Contract Lifecycle Management (CLM)

Capture the value of contracts through M&A due diligence, acquisition integration and daily contract management.

Contract Lifecycle Management (CLM)

Insights

Compliance

Are Your Disclosures and Compliance Programs SEC Compliant?

Compliance
Compliance

Regulatory Internal Audit Case Studies

Compliance
Restructuring

Powers of Hong Kong Liquidators under the Recognition Pilot Program

Restructuring

News