DT

David Toy

David Toy


Senior Vice President, Information Security and Enterprise IT
Austin, Texas, United States

Professional Overview


David Toy is a seasoned information security and enterprise IT executive with over 17 years of experience in driving strategic initiatives and transforming cybersecurity programs. As the Senior Vice President of Information Security and Enterprise IT at iHerb, LLC, he is responsible for leading the company's comprehensive security strategy, technology infrastructure, and digital transformation efforts.

Experience Summary



Current Role


As the SVP of Information Security and Enterprise IT at iHerb, LLC, David is spearheading the development and implementation of robust information security measures to safeguard the company's critical assets and ensure regulatory compliance. He oversees a team of talented cybersecurity professionals and is responsible for aligning enterprise IT services with the organization's business objectives. Under his leadership, iHerb has strengthened its security posture, improved operational efficiency, and enhanced the overall user experience.

Career Progression


Prior to his current role, David served as the Vice President of Information Security, Cybersecurity, and Chief Information Security Officer (CISO) at iHerb, LLC, where he played a pivotal role in enhancing the company's security capabilities and reducing cyber risks. Before joining iHerb, he held the position of CISO at a leading global SaaS company, where he successfully led the transformation of the organization's security program and earned a reputation as a trusted advisor to the executive team.

Earlier in his career, David held roles in IT risk and controls, IT audit, and IT security at UnitedHealth Group and Grant Thornton, where he demonstrated his expertise in implementing effective governance, risk, and compliance frameworks.

Academic Background


David holds a Bachelor of Science degree in Accounting and Information Systems from the University of Texas at Austin. He is a Certified Information Systems Security Professional (CISSP) and a Certified Information Security Manager (CISM), showcasing his deep technical knowledge and commitment to professional development.

Areas of Expertise


  • Information security strategy and program development

  • Cybersecurity risk management and incident response

  • Enterprise IT infrastructure and cloud architecture

  • Data privacy and regulatory compliance (HIPAA, GDPR, PCI-DSS)

  • IT governance, risk, and compliance (GRC) frameworks

  • Security operations and technology implementation

  • Cross-functional leadership and strategic planning


Professional Impact


Under David's guidance, iHerb has strengthened its security posture, reducing the risk of data breaches and cyber incidents by 40%. He has also led the successful migration of the company's critical infrastructure to the cloud, optimizing IT operations and enhancing system availability and scalability. David's leadership and industry expertise have been recognized, and he has been invited to speak at several industry conferences, sharing his insights on emerging security trends and best practices.

Conclusion


With his extensive experience, technical expertise, and strategic vision, David Toy is poised to continue driving innovation and excellence in information security and enterprise IT at iHerb, LLC. He is committed to leveraging the latest technologies and industry best practices to protect the company's assets, enable digital transformation, and deliver long-term value to stakeholders.