Cybersecurity programs are often judged by what goes wrong. However, the most effective security teams are defined by what remains invisible to customers: disciplined preparation, swift decision-making and a clear understanding of where risk truly matters.
At SAS, cybersecurity is treated as a business enabler rather than a reactive control function. The focus is on anticipating threats, practicing response and prioritizing protections that reduce real-world risk for customers. As cloud adoption accelerates and threat actors become more automated, that mindset has become essential.
That approach to security leadership and risk management was recently recognized through the NC TECH Awards, which are organized by NC TECH, a member-driven association representing North Carolina’s technology industry and its more than 700 organizations and 250,000 technology professionals. SAS Chief Information Security Officer Brian Wilson was named 2025 CISO of the Year at the event. The recognition reflects the maturity of a cybersecurity program built around readiness, trust and continuous improvement.
Brian Wilson is a strategic thinker, strong operator and trusted advisor who brings people along and builds confidence across teams.
Jay Upchurch, SAS Chief Information Officer
What does successful incident response look like at SAS?
Wilson: Preparedness. We run regular exercises, so when something happens, the right people engage quickly and communications stay purposeful. Success is when teams collaborate crisply and customers aren’t disrupted, because we’ve practiced the process and know it well.
What should customers expect from SAS’ security approach?
Wilson: We emphasize modern authentication, which gives customers tighter control over access to their cloud environments and we conduct proactive internal assessments on our software and hosted environments. You can’t fix everything; we prioritize what presents the greatest risk to customers and move fast on those items.
How have you shifted from reactive to proactive in recent years?
Wilson: A few years ago, we learned about a dark‑web claim from a customer and spent days verifying it with outside help. Today, leadership-backed threat intelligence enables us to often identify and address issues before customers even ask. That change flips the narrative – from “we’re investigating” to “we saw it, acted and it’s closed.”
What does the CISO of the Year recognition mean to you?
Wilson: It validates the work our team does every day and the investments SAS has made across people, process and technology. A well‑run security program can look quiet from the outside. The award is a signal that our focus is in the right places and that our execution is strong.
A well-run security program can look quiet from the outside.
What trends matter most right now?
Wilson: People are still the front line. The individual behind the keyboard remains the top risk. We invest in relatable, scenario-based education so that employees can see how everyday actions protect customers and the company. Technically, we’re seeing continued movement away from passwords toward email‑based authentication, social sign‑on and passkeys. Convenience is great, but vigilance matters, especially with phishing.
What practical security steps do you recommend everyone take?
Wilson: Use a password manager; add hardware security keys where supported; enable strong multi-factor authentication on primary accounts (email, banking, government portals). And freeze your credit. It’s free, straightforward and a meaningful way to reduce fraud risk.
How is AI changing the defender’s job?
Wilson: Adversaries, including well‑resourced actors, use automation to discover and exploit vulnerabilities. We’re investing to detect earlier and move faster. My team uses AI to accelerate routine tasks (like crafting detection rules), and we’re benefiting from AI features increasingly embedded in modern security platforms.
What keeps you motivated – and what’s next?
Wilson: No day is the same, and I’m fortunate to work with a team that’s already digging into new issues by the time headlines appear. After 21 years at SAS, I still value the camaraderie and the company’s investments in employee well‑being and in‑person collaboration. Looking ahead, the focus is on ensuring security has a seat at the table, being visible, vocal, and engaged across the business, and continuing to share lessons with the wider security community.
