At the forefront of cybersecurity

“There was a clear throughline to risk and security in every system I worked with and in every role I held,” he says.

Motivated by this realization, Shetty, who had earned his bachelor’s degree in electronics and telecommunication, sought to deepen his expertise in information assurance, information security and audit. His search led him to UB where he earned a Master of Science in Management Information Systems.

“The UB School of Management stood out because of its faculty,” he says. “The professors are stalwarts in information security.”

At UB, Shetty quickly began honing his new analytical and problem-solving skills through case competitions and other real-world challenges. His graduate student team won the inaugural Deloitte Information Assurance Course Case Competition by serving as computer security consultants in the adaptive cyberrisk intelligence and big data challenge in 2014.

After graduation, he joined PwC as a senior cybersecurity and data privacy associate, expanding his experience in the roles of database access controls expert, network security analyst and infrastructure associate. Each new position sharpened his ability to assess risk and strengthen systems.

He later brought this expertise to Morgan Stanley, where he served as information security and risk officer advising senior leaders and executives on all risk, including third party risks, compliance issues and broader security concerns.

“The field is constantly evolving, so as my career progressed, every year brought new things to learn,” he says. “At Morgan Stanley, I gained real confidence in my security and risk expertise and learned to adapt my knowledge to the organization and their current state.”

Now, as information security, governance and risk management lead at Cisco, Shetty operates at a more strategic level, guiding stakeholders in the company’s security business unit across various risk management initiatives.

“A lot of my work at Cisco has been first of its kind,” he says. “I designed a risk management framework to protect sensitive data and systems that fits our business’ operating model. This framework was adopted by the security business unit and is still being used and matured across the company’s broader operations by various leaders.”

As the landscape of cybersecurity evolves, Shetty encourages management students to stay on top of trends.

“With AI, it’s easier than ever for threat actors to infiltrate codebases and manipulate systems through tactics like model poisoning and data poisoning,” he says. “To fully understand these threats, I encourage students to have a foundational knowledge of AI, how it can be used, and listen to security leaders talking on these topics.”

During his time at Cisco, Shetty continues to focus on efforts that improve collaboration, consistency and decision-making across teams.

Shetty has contributed to advancing knowledge in the field of information security by publishing ideas through journals under the purview of the Institute of Electrical and Electronics Engineers, co-authoring papers and contributing to academic book chapters.

In addition to sharpening his mind by keeping up on the latest cybersecurity trends, Shetty brings this same energy to staying active, playing such sports as cricket, soccer and lawn tennis near his home in New Jersey.

Written by Alexandra Richter