Carl B. Johnson

Carl B. Johnson is a cybersecurity executive and compliance strategist with more than 20 years of experience guiding organizations through complex regulatory and security challenges. As both President and CISO of Cleared Systems, Carl leads initiatives that help defense contractors, healthcare providers, and government suppliers meet stringent compliance requirements across ITAR, EAR, CMMC, DFARS, HIPAA, and NIST frameworks.

Carl’s expertise in export controls—including the International Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR)—has made him a trusted advisor to companies working with controlled technologies and sensitive defense-related information. He has helped numerous organizations navigate export licensing, technical data controls, and jurisdiction/classification requirements, while implementing policies that ensure both operational security and regulatory alignment.

Under his leadership, Cleared Systems has grown into a respected provider of information compliance consulting, vCISO services, penetration testing, and managed cybersecurity solutions. Carl is known for his practical, implementation-focused approach, helping clients move beyond checklists to achieve meaningful and sustainable compliance.

He is also the author of several books on cybersecurity, export controls, and compliance readiness, and frequently delivers training and awareness programs designed to empower teams with the knowledge they need to protect regulated data and avoid violations.

Based in Fairfax, Virginia, Carl continues to shape the security and compliance posture of organizations supporting U.S. national security and critical infrastructure. He maintains a strong digital presence through CarlBJohnson.com and shares insights and updates through Cleared Systems.