Press Release Image

Josh Anderson Brings 25 Years of Executive Leadership to Echelon 

Echelon Risk + Cyber is pleased to welcome Josh Anderson as a new vCISO for our vCISO practice. With nearly twenty-five years of experience across IT, security, and executive leadership, Josh enters this new chapter with a rare perspective. He has spent the majority of his career within the financial services industry and other highly regulated sectors, navigating the real pressures, constraints, and expectations that organizations face every day. Now, he brings that lived experience to Echelon, guided by a belief that privacy is a basic human right and strengthened by a career shaped equally by curiosity, community, and strong mentors. 

Josh’s journey into cybersecurity began unexpectedly. Early in his career, while working for a digital marketing company that supported major retail brands, he encountered his first cybersecurity incident and the ensuing response. In this instance, a preview server used to send high-profile content to clients kept filling up. When Josh investigated, he discovered that several gaming sites were using their bandwidth to expose content long before it aired. “That was really my first security incident response,” he said. “It was curiosity that got me there, and the community that kept me here.”  

 

Encouraged by strong mentors, Josh quickly immersed himself in the cybersecurity field, attending conferences early in his career and building relationships with practitioners who shaped his development. That foundation carried him into leadership roles, including CIO, VP, and Director of Information Security positions within the banking sector and other regulated environments. 

Throughout those years, one value remained constant for Josh: his belief in the importance of privacy. “Privacy is absolutely a basic human right, and always has been,” he said. “What’s changed is the acknowledgment of how much it’s a right. Today, it’s recognized at the human level. It’s intrinsic. It’s equal to any other freedom.” 

Having spent so many years as a client, Josh knows exactly what organizations need from a consulting partner. “What I valued most was a trusted partner. Someone who listens, understands your business, tells you yes and no, and guides you the right way,” he said. “It’s someone who brings resources and solutions when you don’t have them internally.” That clarity, formed through real operational responsibility, is one of the strengths he now brings to Echelon. 

 

Josh has also seen the security landscape transform over the past two decades, and the biggest shift he notices today is the speed of innovation. “It’s hard not to say AI, but it’s the pace of development overall. Everything is evolving faster than organizations can absorb,” he said. In this rush to modernization, he believes many teams overlook something essential: the fundamentals. “Know what’s in your environment, identify owners, harden systems. People underestimate the value of fundamentals, but they are still the foundation.” 

Josh’s decision to join Echelon was not spontaneous; it had been forming for years. He met Dan Desko on his second day as a CIO for a financial services institution when Dan was an auditor at his previous firm, conducting a cybersecurity audit and penetration test. The two stayed connected through the Pittsburgh security community, peer groups, and industry events. “When Dan explained the [Echelon] vCISO business model to me, it clicked. It’s a different way to solve security problems that so many small and mid-sized organizations deal with. I’ve tried models that don’t work. This one is viable.” 

As he steps into the vCISO role, Josh is particularly excited about the team he’s joining. He sees immense strength in the combination of experienced generalists and highly specialized practitioners across Echelon’s organization. He also believes that organizations today need something very specific from their vCISO: a partner who builds trust and brings clarity.  
 

“Organizations need someone who understands the business, communicates risks clearly, and aligns with their priorities. Security teams should be partners, not adversaries,” he said. 
 

Josh’s arrival represents more than a new hire; it reflects Echelon’s continued dedication to delivering human-centered, business-aligned security leadership. His curiosity brought him into cybersecurity; his community kept him here. And now, his experience from the client seat will help Echelon’s vCISO team empower more organizations to navigate risk with confidence while upholding privacy as a basic human right.