I specialize in preventing and defeating the unthinkable – threats through which computers could turn people’s physical lives upside-down.
I never expected, when I left law enforcement for cybersecurity, to find people’s lives and well-being in as much danger from cyberspace as from traditional physical threats. But, with the growing trends in Cyber-Physical Systems (CPS), Internet of Things (IoT) and Industrial Control Systems (ICS) placing more of our physical world under the control of computers, individuals with malicious intent have unprecedented access into systems that manipulate essential elements of your life.
So, my work life revolves – in best cases – around identifying risks and preventing cyberattacks, and – in worst cases – around undoing the damage when businesses fail to recognize vulnerabilities before someone exploits them. Working as a Partner at PwC offers me some of the best cybersecurity resources in the world and exposure to some of the toughest and most interesting cybersecurity challenges.
PwC has entrusted me with a leadership role in a multidisciplinary team of cybersecurity, technology risk and systems integration professionals who provide a full range of cybersecurity, IoT security, ICS security and data protection services across the whole lifecycle – from assessment, strategy and design to implementation and operation.
On occasion I have acted as an interim CISO / CTO for clients, taking on full responsibilities of the roles and successfully delivering major transformation programs of up to US$500M budget with teams of 1000+.
Although my teams have successfully implemented solutions to help many businesses to avoid cyberattacks, prevention is not always possible. I also help our clients prepare for and respond to unavoidable cyber and physical impacts. I lead our Enterprise Resilience services, including Business Continuity Management, Incident Management, Crisis Management, Disaster Recovery Management and Emergency Management services.
My experience enhancing security for world-class companies has placed me in a position where I am frequently invited to present at events or to speak to boards of directors, governments and intergovernmental organizations. There, I hope to heighten awareness of the security challenges that Cyber-Physical Systems (CPS), Internet of Things (IoT) and Industrial Control Systems (ICS) pose, so that more of them will be properly secured from the devastating consequences that compromised systems could inflict on people.