About CyForward
Who We Are
CyForward is a prevention-first cybersecurity consultancy focused on steady leadership, dependable infrastructure, and accountable ownership of cyber and operational risk.
We work with small to midsize organizations that are tired of instability, unclear responsibility, and reactive security decisions. Our role is to ensure critical systems remain available, recoverable, and secure, while giving leadership teams clear guidance and calm ownership when risk emerges.
This includes navigating modern threats such as ransomware, operational failure, and the implications of artificial intelligence and other emerging technologies.
Kurt Oestreicher
CISM, CPLP
Founder | Virtual Chief Information Security Officer (vCISO)
20+ years in security, intelligence, and cyber risk leadership, including executive cybersecurity governance and cyber insurance risk alignment.
Kurt Oestreicher brings over 20 years of experience at the intersection of cybersecurity, intelligence, and risk, shaped by frontline service in U.S. national security and executive leadership in the global cyber insurance industry. He holds a master’s degree in digital forensics, grounding his leadership in both technical depth and real-world investigative experience.
​
Before founding CyForward, Kurt served as a Special Agent in the FBI and an Army Intelligence Officer supporting global operations. He later held executive leadership roles at Swiss Re and Travelers Insurance, where he led cyber risk strategy and helped modernize how cyber risk is measured and managed.
​
Over the course of his career, Kurt has assessed the cybersecurity posture of more than 200 Fortune 500 companies and countless midsize organizations. Today, he leads CyForward with a focus on prevention, infrastructure stewardship, and executive-level risk leadership, working directly with boards, executives, and operators to make cybersecurity a stable, accountable part of how organizations operate and make decisions.
Primary Areas of Focus:
Cybersecurity Leadership & Accountability: Providing the disciplined oversight required to move organizations from reactive decisions to a stable, proactive security posture.
Infrastructure Stability & Recovery: Ensuring critical systems are designed for resilience and predictable recovery, applying a zero-tolerance-for-error mindset to technical architecture.
Risk & Insurance Alignment: Bridging the gap between technical reality and the financial scrutiny of insurance carriers to ensure long-term insurability and board-level clarity.
Credentials & Certifications
Certified Information Security Manager (CISM): Issued by ISACA.
Certified Professional Liability Practitioner (CPLP): Issued by PLUS.
Professional Memberships
Information Systems Audit and Control Association (ISACA): A global leader in information technology governance and risk management.
Professional Liability Underwriting Society (PLUS): The premier organization for professional liability and insurance economics.
FBI InfraGard: A public-private partnership between the Federal Bureau of Investigation and the private sector.
Selected Speaking Engagements
Quantifying Risk, Weaponized Malware
Advisen Cyber Risk Conference, New York, NY
​
Hacking: As Easy As 1, 2, 3!
Prima Annual Conference, Public Risk Management Association, Atlanta, GA
Cyber Risks to the Internet of Things
Industry Things World (USA), San Diego, CA
Implications of a Cyber Breach
Live-Hacking Media Event, Museum of Modern Art, New York, NY
The Cyber Crime Underground and Its Impact on Insurance Claims and Investigations
IASIU Seminar & Expo on Insurance Fraud, International Association of Special Investigation Units, Orlando, FL
A Forensically Robust Method for Acquisition of iCloud Data (Presented Original Research)
Annual Digital Forensics Research Workshop (DFRWS) Conference, Denver, CO