John G. Bates is a Senior Manager within the cybersecurity practice at EY. He has counseled clients on cybersecurity matters for over fifteen (15) years, with experience in highly-regulated industries, including financial services and healthcare. He has conducted enterprise cyber assessments for several Fortune 500 companies, utilizing NIST, CIS, ISO 27001, CMMI, HITRUST, NY DFS, and other cyber standards and frameworks. He has significant hands-on experience building and improving cyber programs, including multi-year enterprise cyber transformations.