About the Author

Portrait of a smiling man with gray hair and beard, wearing a dark suit and white shirt, standing outdoors in a park with green trees and sunlight.

Tony Martin-Vegue is an independent cyber risk researcher, consultant, and writer based in the San Francisco Bay Area. He specializes in helping organizations move from vague heat maps to data-driven risk decisions through practical methods like Cyber Risk Quantification (CRQ).

Tony is the author of From Heatmaps to Histograms: A Practical Guide to Cyber Risk Quantification (Apress, 2026) and writes the popular newsletter Heatmaps to Histograms: Field Notes. He has served as co-chair of the FAIR Institute’s San Francisco chapter, spoken at leading conferences including FAIRcon, SIRAcon, RSA, and ISACA, and was recognized with the FAIR Ambassador Award in 2020 for his contributions to the community.

Over a 20-year career, Tony has led risk, security, and technology functions at companies ranging from Silicon Valley tech firms (Netflix, Informatica) to fintech and financial services (LendingClub, First Republic Bank,). His work blends fast-moving, customer-focused experience with the discipline of regulated industries.

Connect with me on LinkedIn

About the Author

Contact Me