The National Cybersecurity Alliance is pleased to present the tenth edition of our Board Member Spotlight.
Our Board member companies are leaders in cybersecurity education and awareness and are an integral part of making the organization a successful public-private partnership.
Get to know Shaun Khalfan, Senior Vice President, Chief Information Security Officer at Discover Financial, in this Board Member Spotlight.

What motivates you to serve on the National Cybersecurity Alliance Board?
Today’s digital environment has never been more contested. I believe education is a foundational component to securing our digital environment. I am passionate about the National Cybersecurity Alliance’s focus on building public-private partnerships to improve collective defense and empowering our businesses, schools, and communities with the training to protect themselves online, whether it’s securing your home network or tips to prevent cyberbullying. Creating strong partnerships and ensuring those operating in the digital environment know how to protect themselves will move us toward a more secure digital world.
How does Discover’s cybersecurity interests align with the National Cybersecurity Alliance mission to educate and empower our global digital society?
I believe the National Cybersecurity Alliance’s interest in empowering and educating align well with Discover’s. Our mission is to help people spend smarter, manage debt better, and save more so they can achieve a brighter financial future. Protecting our customer data, financial assets, and ensuring our employees and customers have the training and tools to protect themselves online are paramount to enabling this mission.
Do you think your experience and skills as a military veteran equipped you for a career in cybersecurity? Why/how?
I am thankful to have served and believe military service equipped me for a career in any industry. The military taught me how to create an environment focused on people and compassion, which leads to results. People first, mission always. Service also prepares you to make decisions without all the information, operate under duress, manage risk, lead and empower teams. This translates to many domains in cybersecurity, such as cybersecurity operations and secure product engineering.
What kind of advice might you give to a veteran who wants to jump into this field?
You bring a broad range of key skills to the domain, such as discipline, integrity, teamwork, and mission-focus. That’s a solid foundation to build from and the hardest to train. Your next step is domain expertise. That might be to focus on a particular area for study, take advantage of training programs, and network through veteran’s groups. Lastly, visit the National Initiative for Cybersecurity Careers and Studies (NICCS) which has a user guide for U.S. Veterans entering the cybersecurity career field.
What is it like to work in the intersection of cybersecurity and financial services?
This is an exciting and dynamic sector where cybersecurity and operational risk are on par with credit, market, and liquidity risk, playing a role to help ensure the free flow of capital and liquidity to the marketplace.
We just wrapped up Data Privacy Week! As a Chief Information Security Officer, what might you choose for next year’s Data Privacy Week theme if you had to pick?
I enjoyed this year’s key efforts to help individuals manage their personal information and keep it secure, coupled with encouraging businesses to respect privacy along with steps to take. I think these educational efforts should continue, but a future look at data privacy and protection in a world where connected devices and sensors have continued to increase would be interesting. Is what we’re doing enough? Are there new approaches we need to consider?
What is something about you that your colleagues might not know?
I used to be a fast runner! I ran the Boston Marathon twice.