Carroll joins the state’s Office of Information Security and Cyber Defense (OISCD), a new division under the CIO’s office, where he is charged with developing and enforcing risk management practices, incident response coordination and security governance across the executive branch, according to the position’s job posting. Carroll replaces former Nevada CISO Bob Dehnhardt, who retired in May 2025.
Carroll brings more than 20 years in private-sector information security and IT experience, having worked in executive positions at firms including Employers, SC Johnson and Johnson Controls. He has overseen security strategy, enterprise risk management and regulatory compliance while leading large-scale enterprises and building cybersecurity programming. This experience is coupled with a 27-year career in the U.S. Army, where he retired in 2015 as a lieutenant colonel, according to LinkedIn.
Nevada has worked to reorganize its cyber strategy for several months now, starting with the July creation of OISCD. The effort gained momentum after the state suffered a cyber attack in August that impacted about 60 state offices. That attack led legislators to sign off on Assembly Bill 1, affirming a statewide Security Operations Center, now under the purview of the OISCD.
“Bertrum brings a wealth of knowledge and experience to OISCD and the CISO role,” said Adam Miller, OISCD’s deputy director. “He joins OISCD at a crucial moment as a number of key GTO initiatives gain momentum. Bertrum will step into this leadership position with the skill set and mindset needed to ensure these initiatives are successful.”
Carroll’s appointment comes as the state continues to formalize its centralized cybersecurity strategy.
“Before I set direction, I want to understand Nevada’s most important risks, where we are strong today and where we can improve,” Carroll said in a statement. “Cybersecurity is not about chasing perfection. It is about managing risk in a deliberate, responsible way that protects public trust.”
