Rod Beckstrom

Why organisations work with Rod Beckstrom

• He has run cybersecurity at the level boards now have to think about it: founding Director of the U.S. National Cybersecurity Center, briefing executives who must translate cyber exposure into a number their audit committee can act on.
• He led ICANN through the DNSSEC signing of the DNS root and the opening of the new generic top-level domain namespace, decisions that shaped the operating environment every digital business sits inside.
• His Cybersecurity Value at Risk (CyberVaR) framework gives C-suites a single statistical figure for cyber exposure, replacing technical heat-maps with something a CFO and audit committee can use.
• The Starfish and the Spider, co-authored with Ori Brafman, gave executives a working vocabulary for why decentralised competitors, movements and threat actors keep outflanking traditional hierarchies.
• He has commented on cyber and internet policy across CNN, BBC, PBS, MSNBC and NPR, and has served on the World Economic Forum’s Global Agenda Council on the Future of the Internet.

Biography highlights

• Founding Director, U.S. National Cybersecurity Center, Department of Homeland Security.
• President and CEO of ICANN, 2009 to 2012; oversaw DNSSEC signing of the DNS root and the gTLD expansion.
• Co-author, The Starfish and the Spider: The Unstoppable Power of Leaderless Organizations (Portfolio/Penguin, 2006), translated into 16 languages.
• Originator of Beckstrom’s Law for valuing economic networks, presented at BlackHat and DefCon in 2009.
• Co-founder of CATS Software Inc., a derivatives risk management firm taken public on NASDAQ and acquired by Misys.
• Trustee of the Environmental Defense Fund; Stanford BA (Honors) and MBA; Fulbright Scholar.

Biography

Cyber risk is now a board-level question, but most boards still cannot put a number on their exposure. Rod Beckstrom built his career on closing exactly that gap. As founding Director of the U.S. National Cybersecurity Center inside the Department of Homeland Security, he sat at the point where federal cyber policy met operational reality. His CyberVaR framework translates that experience into something a CFO and audit committee can work with: a single statistical estimate of cyber Value at Risk.

The internet itself has been part of his remit. As President and CEO of ICANN from 2009 to 2012, he led the organisation through the DNSSEC signing of the DNS root and the opening of the generic top-level domain namespace, two decisions that quietly reshaped the operating environment of every digital business. The work also took him through the politics of internet governance with governments, registries and civil society, which is the substance behind his commentary on CNN, BBC and the World Economic Forum’s Global Agenda Council on the Future of the Internet.

His second body of work is about the shape of organisations. The Starfish and the Spider, co-authored with Ori Brafman and translated into 16 languages, gave executives a usable framework for why decentralised networks, from open-source projects to insurgencies to platform competitors, keep outperforming hierarchies on their own terrain. Beckstrom’s Law, his model for valuing economic networks, sits alongside it as an attempt to put the same intuition into numbers.

Underneath the public roles is a working entrepreneur. He co-founded CATS Software Inc., a derivatives and risk management firm taken public on NASDAQ and later acquired by Misys, and continues to build and chair technology companies through his advisory firm BECKSTROM. The result is a speaker who treats cyber risk and decentralised networks as the same conversation: how senior leaders make defensible decisions about systems they do not fully control.

Key speaking topics

• Cybersecurity as a board-level risk
• Cybersecurity Value at Risk (CyberVaR) for the C-suite
• Decentralised organisations and the Starfish model
• Internet governance and the future of the internet
• Network economics and Beckstrom’s Law
• Leadership in networked organisations

Ideal for

• Boards and audit committees setting cyber risk appetite and oversight
• CISOs, CIOs and CFOs translating cyber exposure into financial language
• C-suite and corporate development teams navigating decentralised competitors and platforms
• Government, regulator and policy audiences working on internet and cyber governance

Audience outcomes

• A working method for expressing cyber risk as a single financial figure boards can act on
• A clearer view of how decentralised networks compete with, and erode, traditional hierarchies
• Sharper questions to put to security leaders about exposure, recovery and accountability
• A grounded read on where internet governance and policy are heading and what that means for digital strategy