Board of Directors
The Institute is governed by a group of Executive Directors whose mission is to spur the collection and creation of standard DRM knowledge and share it with the market.
David Morris is Executive Director of the Digital Risk Management Institute (DRM Institute), a not-for-profit organization formed to identify and communicate best practices for managing digital business risk.
Mr. Morris oversees the DRM Institute’s mission to define a decision-making framework that creates and sustains business value by balancing the need to protect the organization with the need to run the business. He recently broadened the role of the DRM Institute as a key business partner providing highly complementary GDPR consulting services as US organizations prepare for GDPR.
Mr. Morris is an early Pioneer in the Cybersecurity market with over 30 years of expertise possessing a deep Cybersecurity domain expertise including cryptography, threat intelligence and risk management and compliance.
Mr. Morris has served as CEO developing highly successful Cybersecurity products and services for the Fortune-500. He has worked with the NSA, FBI and the U.S. military in advising them on various issues ranging from Cryptography to international cybercrime investigations, take-downs and counter cybersecurity threat intelligence.
Most recently, Mr. Morris is co-founder of Morris Cybersecurity, an independent cybersecurity, compliance and risk analysis firm that specializes in guiding radically new cybersecurity solutions and services to the market, and is the moderator of the BrightTALK channel: Cybersecurity: The No Spin Zone.
Additionally, Mr. Morris is the managing partner of Unit 221B, an advanced cybersecurity solutions and services firm that solves the toughest cyber threats and attacks. Unit 221B provides intelligence gathering solutions (clearnet/darknet), black operations investigations, emulated nation-state cyber-attacks, threat investigations, and boardroom crisis and cyber legal advisory services.
Mr. Morris received a B.S. in Business Management with an emphasis in Management Information Systems from Boston University.
Charles Ambuhl is President of the Digital Risk Management Institute (DRM Institute), a not-for-profit organization formed to identify and communicate best practices for managing digital business risk.
Mr. Ambuhl is an expert in GDPR specializing in helping U.S. businesses understand and prepare for the coming implications of GDPR and to optimize it for the business’ benefit.
Mr. Ambuhl has more than 35 years of experience in the IT benchmarking industry, Cybersecurity, and Compliance with the past 15 years focused on increasing the business benefit from investment in information technology and processes. He has designed and implemented innovative approaches to performance measurement, benchmarking, and alignment of technology for increased effectiveness among people, processes and technologies and brings that expertise to enhance the digital risk scorecard.
Mr. Ambuhl was vice president of Gartner Measurement’s client services for North America, where he managed service analysts and delivery of IT measurement services to Global 2000 accounts. Before that, he developed and managed Gartner’s delivery team for the IT Overview Analysis, the first measurement service directed at the CIO/CFO to provide understanding of IT performance with a business viewpoint. In addition, he spent 14 years at Real Decisions, which was acquired by Gartner, and was instrumental in launching several IT benchmarking services still in use today.
Previously, Mr. Ambuhl was Vice President, EMEA Benchmarking for META Group. At META Group he co-developed and managed the delivery of a set of cost and price benchmarking and compliance services, focusing on KPIs and IT cost/price performance, unique to IT benchmarking.
Mr. Ambuhl is co-founder of the IT Performance Management Group and an active consultant within the IT performance management practice. He works with senior business and IT executives on high-level engagements focused on establishing current IT organization performance and synergy/alignment between business and IT, employing tools, techniques, and methodologies he developed specifically for these assessments.
Most recently, Mr. Ambuhl is the co-founder of Morris Cybersecurity, an independent cybersecurity, compliance and risk analysis firm that specializes in guiding radically new cybersecurity solutions and services to the market.
Additionally, Mr. Ambuhl is the managing partner of Unit 221B, an advanced cybersecurity solutions and services firm that solves the toughest cyber threats and attacks. Unit 221B provides intelligence gathering solutions (clearnet/darknet), black operations investigations, emulated nation-state cyber-attacks, threat investigations, and boardroom crisis and cyber legal advisory services.
Mr. Ambuhl received a BA in business economics from The College of Wooster.
Chief Technical Advisor
Juanita Koilpillai is the Chief Technical Advisor of the DRM Institute. Juanita has more than 25 years experience in information security and resilient software development. She amassed deep cyber security knowledge to help organizations improve the security of their operations with the appropriate processes and technologies.
Juanita is the founder and CEO of Waverley Labs, a leading independent digital risk management company. She was also the founder and CEO of Mountain Wave, a disruptive security event and information management company that was acquired by Symantec. She served in a series of senior roles for Symantec and Electrosoft Services and provided advanced security services for several organizations within the US Department of Defense and FEMA.
Juanita is an active contributor to cyber security and risk management working groups from government and academic institutions such as NIST, DHS and UNC. She earned dual masters degrees in Mathematics and Computer Science, a bachelor’s in Mathematics, and published numerous thought leadership articles and presentations on subjects covering cybersecurity, incident management and advanced monitoring.
Chief Legal Compliance Partner
Rasch’s career spans more than 25 years of corporate and government cybersecurity, computer privacy, regulatory compliance, probabilistic risk assessment, resilience, computer forensics and incident response. Earlier in his career, Rasch was with the U.S. Department of Justice where he led the department’s efforts to investigate and prosecute cyber and high-technology crime, starting the computer crime unit within the Criminal Division’s Fraud Section, efforts which eventually led to the creation of the Computer Crime and Intellectual Property Section of the Criminal Division. He was responsible for various high-profile computer crime prosecutions, including Kevin Mitnick, Kevin Poulsen and Robert Tappan Morris. Afterwards, Rasch was the Chief Security Evangelist at Verizon where he was responsible for strategy and messaging of Verizon’s global security solution. Mark is a frequent commentator in the media on issues related to information security, appearing on BBC, CBC, Fox News, CNN, NBC News, ABC News, the New York Times, the Wall Street Journal and many other outlets.