A Strategic Addition to OnDefend’s Cybersecurity Leadership

OnDefend is excited to welcome Carly Sherrod as our new Director of Threat Intelligence and Programs, as well as Associate Program Director for the Independent Security Inspector program with TikTok USDS.

With extensive experience in cybersecurity, intelligence, and incident response, Carly will play a pivotal role in enhancing OnDefend’s threat intelligence capabilities and program development.

Her journey into cybersecurity is anything but traditional, making her expertise in offensive and defensive cyber operations a game-changer for OnDefend. Get to know Carly in this exclusive one-on-one interview.

Q: What is your role at OnDefend? 

My role as Director of Threat Intelligence and Programs involves curating, analyzing, and contextualizing threat intelligence to help organizations proactively defend against cyber threats. This includes developing cybersecurity programs that reinforce OnDefend’s strategic and operational efforts.

Whether it’s advancing threat modeling, enhancing cyber defenses, or managing large-scale security programs, my job is to ensure OnDefend stays ahead of evolving cyber threats and in return helping our customer’s stay ahead. 

Q: How did you get started in cybersecurity? 

My path was definitely unconventional. I hold a master’s degree in healthcare administration and initially planned to work in healthcare management. However, my work in technical rescue operations led me to the North Carolina Department of Public Safety, where I became involved in intelligence work.

This exposure to counterterrorism, critical infrastructure protection, and cyber threats propelled me into cybersecurity. Over time, I transitioned from working on public safety and law enforcement investigations to tackling cybercrime, ransomware defense, and nation-state threats.

Q: Can you walk us through some career highlights?

One of my defining moments was leading multiple incident response efforts for organizations facing advanced cyber threats. Whether dealing with nation-state adversaries or ransomware groups, I was responsible for guiding teams and organizations through high-stakes cyber incidents.

Previous Leadership Roles:

• Interim State Chief Risk Officer & Chief Information Security Officer (CISO) of North Carolina – Oversaw state-wide cybersecurity infrastructure.
• Former Deputy State Chief Risk Officer & Chief Information Security Officer
• Principal Consultant at CrowdStrike – Led digital forensics and incident response (DFIR) efforts against global cyber threats.

 Q: What excites you most about joining OnDefend?

OnDefend is uniquely positioned—it’s a growing, yet stable cybersecurity company. That balance provides the perfect opportunity to build and shape cybersecurity programs that will have a long-term impact.

Additionally, I was drawn to OnDefend’s mission. The company goes beyond compliance checkboxes, focusing on real-world testing of security defenses. That aligns with my philosophy: cybersecurity should be proactive, dynamic, and constantly evolving to outpace adversaries.

 Q: What is a standout accomplishment in your career thus far? 

A recent project that stands out was helping to identify and attribute a new cyber threat actor tied to North Korean cyber operations. As part of a global intelligence effort, within my role at CrowdStrike, I contributed to the discovery and documentation of tactics used by this group, leading to their official designation as Famous Chollima.

Being involved in tracking, analyzing, and exposing a major adversary’s operations was a career-defining moment for me.

Q: What’s your advice for other women in cybersecurity? 

1. Be open to opportunities – Your career path might not go as planned, and that’s okay. Many of my biggest career moves came from saying yes to unexpected challenges.
2. Speak up and ask questions – The best cybersecurity professionals are always learning. Don’t be afraid to say, “I don’t know, but I’ll find out.”
3. Never dim your light to make others comfortable – Your skills and insights are valuable. Own them confidently.

Q: Where do you hope to see the state of cybersecurity in five years?

I hope to see a shift towards real-world testing of security controls rather than just compliance requirements. Cyber threats evolve too quickly for static defenses. We need to be adaptive, dynamic, and creative to stay ahead.

With advancements in AI-driven threats and automation, defenders must be just as innovative as attackers. I expect a stronger focus on offensive security testing and real-time threat validation over the next five years.

Watch Carly’s full interview here: OnDefend welcomes Carly Sherrod as new Director of Threat Intelligence and Programs

About OnDefend

OnDefend, established in 2016, stands at the forefront of preventative cybersecurity testing and advisory services, a reputation further enhanced by the introduction of its advanced Breach and Attack Simulation (BAS) Software as a Service (SaaS) platform, BlindSPOT. OnDefend is a trusted partner, empowering organizations globally to proactively combat real-world cyber threats. From ensuring compliance with industry standards to building out mature security programs, our mission is to ensure that the security resources our customers invest in are well-utilized, effective, and provide tangible results. For more information about their services and solutions, please visit http://www.ondefend.com/

OnDefend Media Contact:

Lauren Verno, Media@ondefend.com

904-299-3669