BKD Cyber Mobile

BKD Cyber Team




Cindy is a leader of the BKD Cyber team and has been helping clients with their cybersecurity needs since 2006. BKD Cyber provides corporate governance services of risk assessments, SOC readiness, SSAE18/SOC exams, internal audit, and Sarbanes-Oxley (SOX) consulting as well as a suite of cybersecurity solutions: cybersecurity risk assessments, BKD Red Team—advanced threat and vulnerability testing and social engineering, incident response and investigation, business continuity resilience, policy and procedure creation, Payment Card Industry compliance, and awareness training for employees and boards of directors.

Cindy currently serves on the board of directors for the Arkansas Repertory Theatre. She is also on the board of directors for Delta Dental of Arkansas where she serves as a member of the finance and investment committee and chairs the audit and risk committee. She is a member of the Founder’s Circle of Arkansas State University Women’s Business Leadership Center, providing scholarships and mentoring for women. She is a co-founder and treasurer of the Leadership Foundation for Women—a group that serves to educate and empower women.

Cindy is a National Association of Corporate Directors governance fellow.

She is a graduate of Arkansas State University, Jonesboro, with a B.S. degree in accounting.

Ron Hulshizer, CMA, CGEIT, CISA®

Managing Director


Ron has more than 25 years of experience helping companies with information technology (IT), security, and financial accounting issues.  He primarily focuses on providing internal audit IT and IT security services to financial institutions.  His team conducts Federal Financial Institutions Examination Council reviews, general IT control reviews, internal and external penetration testing, business continuity plans, and social engineering reviews for approximately 250 banks and financial institutions. He holds Certified Management Accountant® (CMA®), Certified in the Governance of Enterprise IT (CGEIT), and Certified Information Systems Auditor (CISA) designations.

He is a graduate of James Madison University, Harrisonburg, Virginia, with a B.B.A. degree, and a graduate of Ashland University, Ohio, with an M.B.A. degree.

Cerone F. “Cy” Sturdivant, CISA®



Cy has been serving financial institutions since 2005. He primarily focuses on performing IT general control engagements and Internal Audit SOX/FDICIA engagements and managing various other cybersecurity-related services for financial institutions and other industries.

Before joining BKD, he worked for a community bank in their risk management division and in public accounting specializing in IT related internal audits and control assessments.

Cy has been a practicing Certified Information Systems Auditor® (CISA®) since 2009. His professional memberships include ISACA®, Tennessee Bankers Association Strategic Technology Steering Committee, and InfraGard Middle Tennessee Members Alliance.

He is a graduate of The University of Tennessee, Martin, with a B.S. degree in business administration with accounting and finance emphases, and a graduate of University of Memphis, Tennessee, with an M.B.A. degree.

Richard F. Lucy, CPA, CISA®


Rick has more than 25 years of diversified experience in planning, accounting, auditing, governance, and compliance management in corporate, not-for-profit, and academic environments.  His background encompasses managing, developing, and executing compliance efforts and directing internal audit programs for smaller regional organizations to large multinational corporations in order to evaluate financial, operational, and IT controls under many frameworks, including GAAP, GAGAS, COSO, HIPAA, PCI, NIST, ISO, FFIEC, and GLBA.  Given his previous business process, financial, and IT experience, Rick has the ability to effectively communicate risks and solutions to both business and IT stakeholders.

Prior to joining BKD, he managed, directed, and monitored multiple teams of professionals on concurrent engagements, including SOX, accounting, financial, IT, operational, governance, and compliance, integrated audits, investigations, security, and special projects for a professional services firm and a Fortune 500 telecommunications company.  He also has prior experience in accounting, planning, IT, and operational audits in the oil and gas and transportation industries.

Rick is a published author and frequent speaker on IT governance, risk, compliance, and audit topics. As well as being a CPA, he holds the Certified Information Systems Auditor® (CISA®) designation and has served on the business faculty at Northern Arizona University and University of Colorado Denver.  He currently serves as past-president of the Denver chapter of ISACA® and is a member of the American Institute of CPAs.

He is a graduate of The University of Oklahoma, Norman, with a B.B.A. degree in accounting, a graduate of Virginia Polytechnic Institute and State University, Blacksburg, with an M.A. degree in economics, and a graduate of The University of Texas at Arlington with a Ph.D. degree in business administration.

Johnny L. Sanders, QSA, CISM®, CISA®, CompTIA Security+

Senior Managing Consultant


Johnny has more than 25 years of information technology (IT) experience.  The majority of his experience was acquired during active duty in the U.S. Air Force, where he was a system administrator on Novell and Windows platforms as well as an information security officer.

He focuses on cybersecurity, IT audits, system security, policy, procedure, business continuity and disaster recovery reviews, and electronic banking review testing for financial institutions and institutions of higher learning.

Before joining BKD, Johnny was senior engineer for a large IT company that managed a sizable international project for the Department of Defense.  In addition to administering network security, load-balancing devices, and multiple physical and virtual servers, he was responsible for system audits, security, and network accreditation.  He also served as the chief operating officer for a regional broadband development company where he directly managed all installation and IT personnel, as well as overseeing network security and product development.  Johnny also taught basic and advanced network design, network security, and routing administration for Cisco Networking Academy at Arkansas State University.

He holds Payment Card Industry Qualified Security Assessor (QSA), Certified Information Security Manager ® (CISM®), Certified Information Systems Auditor® (CISA®), and CompTIA Security+ certifications.


Senior Managing Consultant

Paul has more than 10 years of experience in the areas of accounting, internal audit, IT governance, risk assessments, and security frameworks, including COSO, COBIT, Information Technology Infrastructure Library and NIST Cybersecurity framework.

He focuses on System and Organization Controls (SOC) engagements but also performs IT assurance for financial statement audits, internal audits, and risk assessments. Additionally, Paul leads the HITRUST efforts and helped the firm become an Authorized External Assessor, allowing BKD Cyber to perform assessments and services associated with the HITRUST CSF Assurance Program™ and the HITRUST CSF for clients.

Paul is a member of the American Institute of CPAs, ISACA®, and The Institute of Internal Auditors.

He is a 2006 graduate of Missouri State University, Springfield, with a B.S. degree in accounting, and a graduate of Grantham University, Lenexa, Kansas, with an M.B.A. degree.

How can we help you?

Whether you need help mitigating potential threats or tackling an active cyber breach, we have a dedicated team of professionals ready to assist.