At Security Edge, former CIA CISO William McMillan shares strategies for AI in SecOps, drawing from leadership across national security and enterprise cyber.

William McMillan has had a distinguished career spanning multiple sectors, including serving as Chief Information Security Officer (CISO) at the CIA, Senior Vice President for Information Security at Salesforce, and Chief Product Officer at Andesite.

He shares that his professional journey has been shaped by a passion for service and a thirst for adventure.

From the US Air Force Academy to international assignments, William developed a deep interest in intelligence and the growing role of cyber operations, an interest that led him to pivot into cyber security and ultimately to his role at the CIA.

During his tenure as CISO at the CIA, William experienced a “baptism by fire” moment.

Just days after accepting the role, the SolarWinds cyberattack made headlines. Appointed on a Thursday, he discussed the opportunity with his family over the weekend, only for the news of the breach to erupt that Sunday.

His first thought: did the CIA know about this when they offered him the job?

It was an instant immersion into high-stakes cyber leadership, with the internet “on fire” and national security in question.

Reflecting on this experience, William emphasises how crucial leadership was during that intense period.

He had to establish credibility with a team that didn’t know him while managing a major crisis.

The situation mirrors broader challenges cyber leaders face today, maintaining governance and compliance amid limited business support.

Many organisations continue to lean on frameworks like ISO and the Essential Eight to demonstrate progress and earn internal buy-in.

Drawing on his earlier experience running counterterrorism operations in a war zone, William found those skills highly transferable to managing cyber crises.

His advice to other security leaders: stay grounded in the fundamentals of leadership, remain adaptable, and don’t underestimate the importance of calm under pressure.

 

Key takeaways:

  • Career shaped by service and adventure: William’s career has been driven by a passion for service and a love of new challenges, from his time at the Air Force Academy to his roles at the CIA and Salesforce, adapting to emerging fields like cyber security.
  • Baptism by fire during SolarWinds breach: His appointment as CISO at the CIA coincided with the SolarWinds cyberattack, thrusting him into a crisis situation. This rapid onboarding and crisis management tested his leadership skills in unprecedented ways.
  • Leadership in high-pressure environments: Drawing on previous counterterrorism experience, William highlights the importance of adaptability, building credibility quickly, and relying on core leadership principles during critical moments like the SolarWinds attack.
Contributors
William MacMillan Former CISO of the CIA | Former SVP for Info Sec at Salesforce
William MacMillan is the Chief Product Officer at Andesite. Prior to this position, he was Senior Vice President for Information Security at... More

William MacMillan is the Chief Product Officer at Andesite. Prior to this position, he was Senior Vice President for Information Security at Salesforce.

Prior to his retirement from the federal government, William served as the Chief Information Security Officer (CISO) at the Central Intelligence Agency (CIA), where he led a sweeping transformation of the CIA’s cybersecurity strategy and organization.Prior to serving as CISO, William held multiple senior leadership positions at CIA dealing with various aspects of intelligence, counterintelligence, and cyber operations. During his career, he focused significant attention on insider threat, supply chain risk, and incident response issues, as well as the development of CIA’s Cybersecurity Operations Center (CSOC). Prior to joining CIA, William served as an officer and a pilot in the United States Air Force’s Combat Rescue and Special Operations communities.

William graduated from the United States Air Force Academy with a BS in Biology. He also holds an MA in International Relations from Salve Regina University and an MS in cybersecurity from George Mason University.William, his wife, and their three children reside in the Pacific Northwest.

Less
Matt Boon Senior Research Director at ADAPT
Matt Boon is the Senior Director for Strategic Research at ADAPT, responsible for directing and developing research content and positions. For over... More

Matt Boon is the Senior Director for Strategic Research at ADAPT, responsible for directing and developing research content and positions.

For over 30 years, Matt has worked in research and advisory, including senior leadership roles at Gartner as Principal Analyst, Research Director, and Managing Vice President, where his 18 year history included working with Dell, Microsoft, and many others.

Throughout his career, Matt has been a sought after and highly respected authority on the local and global IT landscape.​ He interacts with executives daily, bringing together groups of C-suite leaders to discuss and prepare for the challenges and opportunities they face.​

At ADAPT, Matt hosts numerous industry-leading business and technology events which Matt chairs, including the yearly Security Edge conference, delivering unique market trends and white-papers, advising executives across the technology provider landscape to make informed IT decisions.​

When he is not working, Matt enjoys walking the many trails of the NSW Southern Highlands, travelling and listening to music. He is also partial to a good steak and nice glass of red wine.

Less
security culture leadership