Stephen Ward
About
I feel a strong sense of purpose to bridge the gap between the astonishing benefits of technology and the human components of compassion and empathy. While technology is rapidly changing the world, it is imperative that we build security into the inception of ideas to continue to innovate effectively.
The past 25 years of my life have been dedicated to security — as a CISO at The Home Depot and TIAA and Security Operations at JPMorgan Chase. Cutting my teeth in the early days of cyber in the U.S. Secret Service, while also gaining experience in physical security and fraud. I’m also a proud veteran of the U.S. Coast Guard and graduate of Seton Hall University.
I’ve always been an operator at heart and love to build incredibly talented teams and technology. That’s why it’s been a pleasure to spend the past ten years on public and private boards and as an advisor to startup founders, helping them with strategy, product, and business development.
Fortunately, my diverse background led me to join the Insight Partners Investment Team in 2021 as a Managing Director to lead the cybersecurity portfolio.
Outside of my work, I’m a passionate autism advocate, thanks to my amazing son. I believe that all people, especially neurodivergent and special needs individuals, deserve to live incredible lives. I’m confident that we can achieve that by bringing accessibility and joy to others through safe and innovative technology.
Portfolio Companies
Previous Investments
Latest Articles
Why We Fell in Love with SGNL: Investing in the Future of Identity Security
Brightmind invested in SGNL based on a founding team with half a century of identity security experience, having previously built and sold companies to Google and pioneered the invention of CAEP. The firm identified a fundamental architectural gap in the incumbent PAM market, where static, pre-configured permissions leave enterprises exposed to insider threats and credential abuse that legacy vendors lack the architecture to address. SGNL's real-time, context-aware approach eliminates standing privileges by acting as a central nervous system for identity — ingesting risk signals from across the enterprise stack and enforcing dynamic, policy-driven access at adversary speed. With large enterprises actively pursuing identity transformation projects to replace 20-year-old technologies, Brightmind saw SGNL as well-positioned to become the gold standard for privileged identity management.
What everyone seems to be overlooking with Mythos and Project Glasswing
Stephen argues that while Mythos (an AI security model) giving 50 companies a 90-day head start to find vulnerabilities sounds promising, it's largely illusory — enterprises are already drowning in unpatched critical vulnerabilities and the remediation pipeline is far too slow and contentious to meaningfully close the gap in time. On day 91, when Mythos is broadly released, whatever defensive advantage was gained evaporates and attackers gain the same powerful exploit-generation capability. He recommends CISOs restructure their security orgs entirely — retiring traditional scanning teams in favor of one massive remediation-focused team, letting AI handle identification while humans focus solely on fixing. His deeper fear is that these capabilities will trickle into small, offline, guardrail-free local models, democratizing exploit generation in a way that creates systemic risk far beyond what any centralized tool with access controls can contain.
CrowdStrike to Acquire SGNL: Redefining Zero Trust for the Agentic Era
Brightmind invested in SGNL's Series A in January 2025, backing a platform purpose-built to close the long-standing gap between security operations and access management by embedding real-time context into every access decision. SGNL's dynamic, continuous identity architecture stood in contrast to the static approaches of legacy PAM vendors, positioning the company to meet the access governance demands of the agentic AI era. CrowdStrike has now agreed to acquire SGNL, integrating its access management capabilities with CrowdStrike's industry-leading identity threat detection to deliver a consolidated platform the firms are calling "threat-driven continuous identity." The combination gives CrowdStrike a differentiated end-to-end identity stack and marks a strong outcome for Brightmind's early conviction in the SGNL team.