ACA Aponix Expands Team of Cybersecurity and Risk Professionals

Publish Date


Press Release

  • Cybersecurity
  • ACA News

ACA Aponix, a division of ACA Compliance Group, has expanded its team of cybersecurity and risk professionals with new employees who have extensive experience in various industries including financial services and banking, healthcare, manufacturing, real estate, and higher education. Recent new employees include:

  • David Asher — David is a Senior Principal Consultant based in Washington focused on M&A IT, cybersecurity, and privacy diligence for our private equity and strategic buyers. David has over 25 years of global business and technology experience across various industries including manufacturing, metals/mining, healthcare, and professional services. Most recently, he was a Director at Alvarez and Marsal in the Private Equity practice. Previously, he was a Senior Manager at West Monroe Partners focused on M&A diligence.
  • Steve Blossom — Steve is a Senior Principal Consultant based in North Carolina focused on investment adviser security assessments and testing. Prior to ACA, he was the CISO and VP of Information Security responsible for the global information risk and cybersecurity program at Ares Management LLP, a multi-national alternative asset manager with over $100 billion under management across credit and private equity strategies.
  • Jeff Rowley — Jeff is a Principal Consultant based in North Carolina focused on vendor management program development. He has over twenty years of experience in technology and risk in the financial sector. Most recently, he served as a Third-Party Risk Specialist at Prevalent. Prior to that, he was a Vice President for Bank of America Merchant Services where he was responsible for designing, implementing, and sustaining OCC compliant third-party programs.
  • Paul Schappell — Paul is a Principal Consultant based in Pennsylvania focused on privacy regulatory compliance, including GDPR. Prior to ACA, Paul served as a Privacy Manager in Ernst & Young’s cyber practice where he oversaw multinational privacy gap assessments and program implementations for Fortune 100 and Fortune 500 companies against regulatory and industry frameworks (e.g., GDPR, HIPAA) and led sizable build-outs of binding corporate rules (BCRs).
  • Mike Stansbury — Mike is a Principal Consultant based in San Diego focused on M&A IT, cyber, and privacy diligence and cybersecurity risk assessments. He has over 25 years of experience in information technology within Fortune 500 and smaller startup organizations in banking, financial services, real estate, higher education, and clinical healthcare. Before ACA, Mike assisted companies such as Bridgepoint Education, SAIC, and MetLife with developing technology strategies and implementing highly scalable and secure networks, applications, and systems.
  • Christine Tetherly-Lewis — Christine is a Principal Consultant based in Massachusetts. She has over 15 years of experience in technology and risk in the financial and banking sectors. Most recently, she served as Vice President of Information Technology at Centreville Savings Bank where she was responsible for overall management, implementation, and support of all technology for the bank’s seven branches. Previously, she was a Director of Technology at Providence Equity Partners, a global private equity firm with over $45 billion under management.
  • Raana Tivnan — Raana is a Senior Principal Consultant based in Massachusetts. She has over 21 years of experience in information technology within the banking, financial services, education, and nonprofit industries. Most recently, she served as the Director of Information Technology and CISO at the Boston Trust & Investment Management Company.

“We’re excited to welcome David, Steve, Jeff, Paul, Mike, Christine, and Raana to the team,” said Mike Pappacena, Partner at ACA Aponix. “They have a tremendous set of expertise across numerous technologies, regulations, and industries that will help us expand the depth and breadth of services we offer to our clients.”

About ACA Aponix

ACA Aponix provides cybersecurity and technology risk assessments, vendor and M&A diligence services, network testing, and advisory services. Our team of highly experienced technologists combines expertise across the breadth of cybersecurity and information technology. Our award-winning Technology Risk Assessment is designed to address the latest requirements from regulators and boards. We offer a suite of consulting and advisory services designed to help firms uncover risks and identify deficiencies in their cybersecurity policies, procedures, and controls.

About ACA Compliance Group

ACA Compliance Group (“ACA”) is a leading provider of risk management and technology solutions that focus on regulatory compliance, performance, financial crime, and cybersecurity. We partner with our clients to help them mitigate the regulatory, operational, and reputational risks inherent in their business functions. Our clients include leading investment advisers, private fund managers, commodity trading advisors, investment companies, broker-dealers, and domestic and international banks. Our products include standard and customized compliance packages; cybersecurity, AML, and risk assessments; GIPS® verifications and other performance services; and a wide variety of business advisory and technology solutions for financial services firms.

For More Information

For more information, please contact your ACA Aponix consultant or email us at