Kim Lucy

Kim Lucy currently serves as the Director of Standards in the Corporate Standards Group within Microsoft's Privacy and Regulatory Affairs organization, leading a team focused on governance, risk, and compliance in technology standards such as AI and cybersecurity. Prior to this role, Kim held positions including Sr. Privacy Program Manager and Sr. Information Security Program Manager, where responsibilities encompassed data governance, supplier security risk management, and ISO 27001 compliance. Earlier experience includes consultancy at Ernst & Young assessing IT system security for financial audits, and teaching assistant roles at the University of Washington while earning multiple degrees in Information Management and Art History. Kim holds an MS in Information Management, an MA in Art History, and a BA in Art History with a minor in Italian.