M&A Without Mayhem: Cyber Lessons from CISO Frank DePaola
Frank DePaola serves as Chief Information Security Officer and head of Global IT Operations at Enpro Industries, a publicly traded manufacturing and industrial technology firm with a global footprint. With a military background and a career built on replicating and scaling cybersecurity programs in complex, regulated environments, Frank is not only responsible for defending the enterprise—but also for integrating every newly acquired business into a unified, secure, and compliant framework. His expertise spans compliance management, infrastructure integration, and workforce development, and his leadership has become instrumental to Enpro’s ability to grow safely through acquisitions.
Here’s a glimpse of what you’ll learn:
- Why cybersecurity must lead M&A integrations and how to standardize it
- How Frank’s “Three Cs” framework keeps acquisitions compliant and collaborative
- The benefits of reusing and adapting security controls across compliance frameworks
- Tools and platforms his team uses to scale (including AuditBoard and Active Directory)
- Lessons from his Army career that guide his leadership and retention strategy
- How to build trust with business leaders during complex integrations
- Why he invests heavily in cross-functional talent development over hiring for narrow expertise
In this episode…
Frank shares how building a playbook for consistent M&A integration became critical—not just for operations, but for cybersecurity and regulatory alignment. He details his framework built on the Three Cs: Cybersecurity (identity, MFA, EDR, cloud visibility), Compliance (mapping tools across frameworks like ISO, NIST, and CMMC), and Collaboration (unifying communications across platforms). That consistent process, he says, has gained the trust of legal, corporate development, and executive teams—and it's led to full integration across all subsidiaries.
Frank also breaks down how his team uses AuditBoard to map once and apply controls across all frameworks, creating scalability for compliance. He emphasizes the need to lead with tools you already own (like AD and Azure) before buying new ones, and why good GRC starts with simplicity and consistency. He’s passionate about hiring people with broad skill sets and investing in training, building a cybersecurity team that is both agile and deeply loyal.
As a former Army servicemember, Frank attributes much of his leadership style to military experience: from practicing extreme ownership to celebrating individual wins and leading with empathy. He argues that team diversity, training, and shared purpose are what set high-performing security organizations apart.
Resources mentioned in this episode:
Matthew Connor on LinkedIn
CyberLynx
Frank DePaola on LinkedIn
Enpro Website
Sponsor for this episode...
This episode is brought to you by CyberLynx.com (CyberL-Y-N-X.com).
CyberLynx is a complete technology solution provider to ensure your business has the most reliable and professional IT service.
The bottom line is we help protect you from cyber attacks, malware attacks, and the dreaded Dark Web.
Our professional support includes managed IT services, IT help desk services, cybersecurity services, data backup and recovery, and VoIP services. Our reputable and experienced team, quick response time, and hassle-free process ensure that clients are 100% satisfied.
To learn more, visit cyberlynx.com, email us at help@cyberlynx.com, or give us a call at 202-996-6600.