Gary McAlum is AIG’s Chief Information Security Officer. In this role, he is responsible for developing, implementing, and operating an information security strategy to address AIG’s cyber risks. He is responsible for protecting AIG’s data, managing cybersecurity related risks, and ensuring regulatory compliance, while enabling the business.
In 2021, Gary retired from USAA, a financial services company focused on the military community, where he served as their Chief Security Officer for more than 11 years. In that role, he led a team of more than 1,000 personnel spanning Information Security, Privacy, Fraud Operations, Business Continuation, Physical Security Operations, and Corporate Investigations. While at USAA, he served for 10 years on the Board of the Internet Security Alliance (ISA) and contributed to several of their publications. In addition, he was a regular industry speaker at the Department of Defense (DoD) Cyberspace Operations Executive Course (COEC) that was designed to provide senior military leaders a better understanding of technologies, policies, and operations being implemented to defend and operate in the cyber domain.
Prior to USAA, Gary served 25 years in the US Air Force, retiring as a Colonel. Throughout his military career, he worked in a variety of leadership and staff positions within the information technology and cyber career field, including cybersecurity operations, telecommunications, satellite communications, deployed network operations, and information security. Gary had multiple deployments to the Middle East in support of military operations. Most notably, he was on the front line of cyberspace operations for the DoD, where he supported the establishment and evolution of the Joint Task Force Global Network Operations (JTF-GNO), the organization that was the focal point for the operation and security of DoD information systems and networks and a pre-cursor organization to US Cyber Command. During this time, Gary was frequently called upon to provide cyber threat insights to a wide variety of interagency forums, including the US-China Economic and Security Review Commission and the President’s National Cyber Study Group, as well as to provide Congressional testimony. In 2016, he was inducted into the Air Force Cyberspace Operations Hall of Fame. After retirement from the Air Force, he spent a short time with Deloitte & Touche, LLP, in their federal practice.
Gary earned a B.A. in Mathematics from The Citadel, an M.S. in Management Information Systems from the University of Arizona, and an M.S. from the Industrial College of the Armed Forces. He is a Certified Information Systems Security Professional (CISSP) and a Certified Fraud Examiner (CFE). Gary has completed the National Association of Corporate Directors (NACD) Cyber Risk Oversight certification course, the Wharton Security Executive Development Program, and the executive education course Cybersecurity: The Intersection of Policy and Technology at Harvard’s Kennedy School of Government. In addition, he attended the FBI’s CISO Academy and Domestic Security Executive Academy.
Gary serves on the Board of Directors at the National Cybersecurity Center, a nonprofit for cyber innovation and awareness, and at Fisher House Inc., a nonprofit that supports military members, veterans, and their families staying at Fisher House while they receive medical treatment in the San Antonio area.