ExtraHop’s Lucky Strike in Bowling Appointment


ExtraHop has appointed Mark Bowling to assume the new role of Chief Information Security and Risk Officer (CISRO). As NDR adoption rapidly grows, Bowling will be responsible for implementing effective overall security, information security, and risk management frameworks.

Bowling will report to Lauren Zajac, Chief Legal and Compliance Officer at ExtraHop. Under Zajac’s leadership, Bowling and his team will help shape the future information security landscape and associated practices to adapt to the ever-evolving world of cybersecurity. Jeff Costlow, Deputy CISO at ExtraHop, will report directly to Bowling. Bowling will also be responsible for all other aspects of ExtraHop security to include facility security, physical security, and personnel security.

“The creation of this role comes at a pivotal moment in cybersecurity history,” said Bowling. “At a time when critical infrastructure has been the target of nation-state cyber warfare, it’s become increasingly important to ensure information security, legal, and compliance all work together to protect sensitive data from malicious actors. I’m eager to bring my decades-long experience in the government and healthcare sectors to this new role as we help enterprises capitalise on the value of the network so they can elevate their security posture.”

Prior to his civilian career, Mark spent more than two and a half decades investigating and combating cybercrime and nation-state attacks in leadership roles with the FBI and the Department of Education, and as a nuclear officer in the U.S. Navy, initially assigned to the submarine service.

Bowling previously held the role of Director of Information Security and Compliance for the Washington Regional Medical System, the Virtual CISO for United Capital Financial Advisors, and the Director of Security and Compliance for Southwest Power Pool. He has spent several years as a consulting CISO for numerous organisations in the healthcare, electric utility, and financial services verticals.

“As global cyber incidents continue to spike and disclosure and privacy regulations evolve, there’s an increasing need to ensure that security, compliance, and risk management functions are in lockstep,” said Zajac. “As a noted and respected leader in the industry, Mark is in a unique position to provide a new way of adapting security strategies that focus on a holistic view of network activity, including both the legal and compliance aspects. We are excited for him in this new role as he advances the critical work we do.”