What he does: Esmond is the Chief Information Security Officer of Steward Health Care and has over two decades of experience leading IT and security programs and safeguarding vital sectors in multiple industries. At Steward, Esmond’s focus has been on transforming Steward's approach to information practices security, threat and risk management to comply with industry frameworks, and regulations and best practices. Prior to Steward, Esmond was Deputy Chief Information Security Officer at Partners Health Care working with executives and advisors on cyber security and business practice. Esmond has held multiple IT and security roles, including at institutions like Harvard University and Mass General Brigham, and he also serves on the advisory boards of multiple companies, providing valuable insights on cyber matters, ensuring secure IT operations, regulatory compliance, and resilient design.

On risk: "Risk is pervasive and it's across the continuum of the delivery of health care … Health care is all about securing the patient. It's all about making sure that we lower any risk on the patient privacy being impacted, the safety of the systems that we're putting in front of those patients. But also in this modern era we have to be very aware of the potential attacks on corporations on health care … Something relatively benign, like a medical device that you're plugging into a patient, you can magnify the risk associated with it because some of those medical devices require updating, they require securing, they're also storing sensitive information … We need to know where our data is, we need to know how our assets are managed … Ultimately, what you're trying to do is to measure that risk and make sure that it maps to your organization's risk appetite. And you're trying to mediate, you're trying to take what could be a high risk and what you're left with from a residual perspective, after you put some effective controls in play, it becomes much less of a risk."