William (Bil) Harmer
CISSP, CISM, CIPP
Operating Partner and CISO
@ Craft Ventures

CISSP, CISM, CIPP
Operating Partner and CISO
@ Craft Ventures
Bil oversees Security, Privacy, IT and CloudOps for Craft and its portfolio companies.
Leading the charge is our Advisory Board Chair, William Harmer, CISSP, CISM, CIPP, Operating Partner & CISO, Craft Ventures. With a legacy of innovation as a five-time CISO and a career spanning nearly three decades, Bil brings unparalleled expertise and a vision to inspire the next era of cybersecurity leadership
SecurityPal, the leading provider of security review solutions for enterprise and high-growth companies, is proud to announce the appointment of two respected cybersecurity leaders to its team. Bil Harmer, Operating Partner & Chief Information Security Officer (CISO) at Craft Ventures, joins as Board Observer, while Lena Smart, former CISO of MongoDB and New York Power Authority, steps in as Head of Trust. These strategic appointments come as SecurityPal continues its mission to simplify and accelerate security reviews for some of the most security-conscious companies in the world, including OpenAI, Figma, Plaid, and Snap.
Bil Harmer (Craft Ventures) and Josh Mullis (Productiv) join us in the Himalayas after a trip from Kathmandu to Everest Basecamp. In Part 1 of this In Security Podcast, Pukar, Bil, Ruth and Josh discuss the nature of security reviews and how challenging they tend to be.
February 21, 2024
In this episode of the SecurityANGLE, host Shelly Kramer is joined by fellow analyst and member of theCUBE Collective community, Jo Peterson for a conversation about the rise of AI-enhanced phishing. smishing, and vishing and how to combat that with Bil Harmer, the operating partner and CISO at Craft Ventures. Prior to joining Craft Ventures, Bil was the head of security and the global privacy officer for SuccessFactors pre-IPO, and through that public offering into the acquisition by SAP. From there, he went to Zscaler pre-IPO for about five years, then to SecureAuth for a stint, and then joined Craft Ventures in 2022.
It used to be a CISO had to know programming, network architecture, and how to read a vendor contract.
Now understanding the goals of senior executives is the key skill, IT managers have been told.
“If CISOs can learn one thing, it’s empathy,” Bil Harmer, chief evangelist and CISO at SecureAuth said during a panel Monday, on the first day of the CISO Forum Canada 2021 conference.
“Learn what the startup is thinking, what the CIO is thinking, what the finance guy is thinking, what the CEO is thinking. You want to know what they’re thinking and why they are thinking,” he said. “And then you can put their wants in your world.”
Harmer was a member of a panel asking whether the CISO today is a technical leader or compliance expert.
Panelists agreed the days of the CISO as strictly a technical leader are gone.
https://www.itworldcanada.com/article/empathy-is-now-a-key-skill-of-a-ciso-conference-told/464447
"There was so much chaos during the first few months of the lockdown that every CISO will need to go back and review all of the access and changes that happened," said Bil Harmer, who is the chief information security officer (CISO) and chief evangelist at computer identity security software maker SecureAuth.
"When there is chaos and change, the threat actors will be there looking for ways in."
He predicted that companies "will begin putting more and more focus on digital identities and a continuous authentication methodology that will allow them to adjust access on the fly as the landscape or the user behavior changes."
Bil Harmer, chief information security officer/chief evangelist, SucreAuth in Irvine.
"The hybrid model will not go away, there is far too much upside for companies in it. From 48 extra minutes per day per employee in productivity to reduced footprints in the office (desks, power, coffee, etc), this is a model that will continue.
"Companies will begin moving to Secure Identity as the first line of defense. They will begin putting more and more focus on digital identities and a continuous authentication methodology that will allow them to adjust access on the fly as the landscape or the user behavior changes.
"This will allow the user to move around the physical world and have their authentication and authorization adjust as they do to keep them within the acceptable risk profile."
In the gunslingin' world of cybersecurity, there are threats everywhere. It can sometimes feel as dangerous to run a modern business as it was to run a saloon in the shadiest part of the Wild West.
Actually, the parallels between the cowboy days and modern cybersecurity issues are aplenty — and one need look no further for proof of that than HBO's standout series Westworld.
Bil Harmer participated in a podcast on October 24, 2019 hosted by Wendy Austin, discussing where security fits into the Big Data industry.
Article published on Tuesday October 22, 2019 in Belfast Telegraph, UK.
Tech supremo Bil Harmer keeps a treasured photograph of an east Belfast terrace. it shows four generations of his family, each standing in front of the same wall of the house at Moorfield Street where his father was born.
This week he'll be paying his regular visit to his dad William's old home when he returns to Belfast as one of the keynote speakers at Big Data Belfast.
Bil has been in Information Technology for 30 + years. He has been at the forefront of the Internet since 1995 and his work in security began in 1998. He has led security for startups, Government and well established Financial Institutions. In 2007 he pioneered the use of the SAS70 coupled with ISO to create a trusted security audit methodology used by the SaaS industry until the introduction of the SOC2. He has presented on Security and Privacy in Canada, Europe and the US at conferences such as RSA, ISSA, GrrCon and the Cloud Security Alliance. He has been interviewed by and has written for various publications such as Dark Reading, Data Informed, SecureWorld and Security Intelligence. His vision and technical abilities have been used on advisory boards for Adallom, Trust Science, ShieldX, Resolve and Integris. He has served as Chief Security Office for GoodData, VP Security & Global Privacy Officer for the Cloud Division of SAP and now serves as a Strategist for Zscaler where he runs the Office of the CISO for the Americas.
His personal passion for all things security is what drives his desire to make the web a safer place.
CSO ONLINE - Equifax Proves The CISOS Right
https://www.csoonline.com/article/3230521/equifax-proves-the-cisos-right.htmlhttps://www.csoonline.com/author/Bil-Harmer/
CSO ONLINE - Equifax Data Breech
https://www.csoonline.com/article/3229508/in-equifax-data-breach-three-hard-lessons-in-risk.html
LINKEDIN - Where security industry is going
https://www.linkedin.com/pulse/where-security-industry-going-harmer-iii-cissp-cism-cipp-c
LINKEDIN - Did Hackers Just Win US Election?
https://www.linkedin.com/pulse/did-hackers-just-win-us-election-harmer-iii-cissp-cism-cipp-c
LINKEDIN - Looking At 2015 In Rearview Mirror
https://www.linkedin.com/pulse/looking-2015-rearview-mirror-harmer-iii-cissp-cism-cipp-c
LINKEDIN - Who's Responsible
https://www.linkedin.com/pulse/whos-responsible-security-board-harmer-iii-cissp-cism-cipp-c
LINKEDIN - Better To Sink The Ship Than Dock Safe Harbor
https://www.linkedin.com/pulse/better-sink-ship-than-dock-safe-harbor-william-bil-
Resolve Systems Appoints New Security Product Advisory Board Member, Bil Harmer
ShieldX Networks, San Jose, CA
GoodData Corporation, San Francisco, CA
Adallom, Palo Alto, CA
Acquired by Microsoft for $320m. Congrats to the team at Adallom. Looking forward to future endeavors.
How much security risk can an organization accept before it’s on very thin ice?
From exploring the tropics to getting inside the Shark Tank at The Mandalay, Las Vegas, Its a rush every time.
Riding for a cause at the Distinguished Gentlemen's Ride to raise awareness for Men's Health
Learning Kendo from a Master and descendent of one of the last Samurai. Kyoto, Japan .
Learning to forge a knife with a Master Swordsmith. Kyoto, Japan
With over 30 years specializing in Information Technology and more than 20 years focused on security,, William has a goal to help educate the business world in making their products and services safer and value the ever growing need for Security In The Cloud.