Chief Security Officer.
Company Advisor. Board Member.
LOVE / Emerging tech, young companies, securing applications, AI security, national security, and the future of the internet.
ALSO / Sunrise walks with my rescue pug mix, toddler beach days and buffalo wings
CISO / Advisor
I am the CISO at Reco (Intelligent, heuristic-based SaaS security). I also advise executives on cloud security and go to market, from Fortune 100 banks to biotech start-ups. Current clients include a small handful of young companies including: Andesite (AI-driven SOC transformation); Enkrypt AI (AI security for the enterprise), and LISN (AI-driven CISO decision-making tools).
Pro bono work serving on the Miami-Dade College BILT (business industry leadership team) and on the Advisory Board of Black Girls Hack.
FORMER
Deputy CISO at AWS,
Security in all 3 branches of US Govt (Federal Communications Commission, Department of Homeland Security, United States Senate, Department of Defense)
PREVIOUS ACADEMIC ROLES HELD
Penn State Law School, Pittsburgh, PA. Adjunct Professor and Fellow, Center for Computational and Data Sciences / University of Maryland, Washington, DC. Adjunct Professor of Cybersecurity / University of Pennsylvania, Philadelphia, PA. Adjunct Professor of Cybersecurity
ACADEMIC ARTICLES ON
Security, AI, robotics, SEC regulations, constitutional issues including child exploitation and terrorist speech online
EDUCATION / Harvard College, Harvard Law School. WORK / CISO at Reco, advising young companies. EXPERTISE / Emerging tech, AI, Security, Enterprise CISOs, Venture Backed Investments. MEDIA / Quoted in WSJ, Forbes, VentureBeat and many others.
IN THE PRESS – SELECT FULL ARTICLES
Reco Names Merritt Baer Chief Information Security Officer
AWS Security Profiles: Merritt Baer
Enterprise Level Security at Scale: Insights from AWS
Wall Street Journal: Materiality Seen as Tough Task in new SEC Cyber Rules, Aug 2, 2023
Wall Street Journal: Cyber Experience on Boards Still Seen as Critical in New SEC Rules, July 27, 2023
Navigating Your First 30 Days as a CISO, Dec 18, 2023
Who is the Witness to an Internet Crime? The Confrontation Clause, Digital Forensics, and Child Pornography, 30 SANTA CLARA COMPUTER & HIGH TECH. L.J. 31 (2014)
Go to Market / Introductions / Product validation / Product placement / Security trends / Threat landscape
How to grow up your security shop / Security in the cloud / How CISOs make decisions / How to talk to CISOs if you are a vendor
Market trends / Particular services / Something custom - feel free to ask!
We talk a lot about AI but don’t talk enough about the security of your AI.
Which vendors to choose: We talk a lot about features but we don’t talk enough about operationalizing the tech.
Security will feel different in the cloud. Let’s talk IaC, ephemerality, modularity, Serverless, managed services, architecture decisions, and formal reasoning.
