15 October 2025

Francesco Chiarini CEO & Chief Researcher, High Value Target

Francesco Chiarini is the founder and chair of the special group for cyber resilience ISSA.org, which brings together nearly 2,500 members worldwide, as well as the initiator of the global Cyber Resilience Awareness Day. He is also the founder and lead instructor of the Cyber Resilience Academy, a global pioneer in cyber resilience education that equips professionals with the skills to design and secure resilient enterprise environments. He is a sought-after speaker who has presented to global audiences, including recent lectures at the UN, MITRE, FS-ISAC, ISACA, ISSA, Microsoft, London Stock Exchange, FIRST, Asia Pacific CERT, Africa CERT, and many others.

 

In 2022, Francesco co-authored several recognized research papers, such as “The Cyber Resilience Index: Advancing Organizational Cyber Resilience” for the World Economic Forum, “Data Vaulting considerations for improving data recovery” for ASIFMA, and “Incident Timing Metrics, Reporting Cyber Risk to Boards” for Eurocontrol.

 

Since 2019, when NIST published document 800-160, Francesco has specialized in equipping companies with the ability to withstand multifaceted attacks from advanced adversaries and recover data after such attacks. He has had the honor of creating a best-in-class cyber resilience program that has been validated by experts from the U.S. CISA Cyber Resilience Task Force, among others. In this role, Francesco coined the term “high-value target” to identify key assets from the adversary's perspective.

 

Francesco currently leads global cyber resilience at a large pharmaceutical organization, where he focuses on assessing and improving its resilience by identifying the core capabilities necessary to maintain a lasting advantage over evolving cyber threats.

Francesco has 20 years of experience in IT and cybersecurity. He joined Standard Chartered Bank from PepsiCo, where he was responsible for one of the two global Cyber Fusion centers (in Poland), leading global incident response, red team operations, adversary emulation, and cyber resilience.