From there, the security of the infrastructure and the eventual move toward technology risk management were my mainstays through the following two positions in financial services and healthcare. I found leadership, fiscal analysis and strategic thinking to be my forte; to bring my technical experience and be able to speak to both nontechnical people and technologists to “sell” the vision was what I wanted to be doing.
Recently, I was also the CISO and Privacy Officer for a technology company called ProQuest, where we found ways to get journals, periodicals, books and other scholarly information into the hands of those doing research. In addition to the technology, I also got to instil my ideas into the processes and mindset of both the internal operations of the company as well as to build security, privacy, business continuity and risk management into the products we develop for our customers to use. (N.B. All views expressed on this blog are my own personal views and do not necessarily reflect those of any former employer or customer).
In 2019, I launched Secratic, a security services firm focused on Fractional CISO/Chief Privacy Officer offerings, leadership development, and mentorship for technologists moving to security and privacy leader roles. Secratic focuses on medium and large businesses but also has been very helpful to startups that want to build their products with security and privacy from the get-go. Secratic has advised clients in higher education, health technology, publishing, compliance, and research technology.
Since 2022, I have served as the Chief Security & Trust Officer for Dotmatics, a bioresearch and development tech company. With a portfolio of nearly a dozen products, building a unified security, privacy, and compliance programme keeps our team very busy.
I have had the opportunity to drive several very cool programmes from concept to completion, including:
Building and running a vulnerability management programme
Building and running a security operations centre (SOC)
Building and running a global “green-field” InfoSec programme
Building and running an enterprise identity & access management programme
Building and running an international privacy protection and compliance programme
Consulting on secure business processes and related technologies as part of an agile development lifecycle
For my full C.V., please visit my LinkedIn page
All this security and risk in my life is fitting as I am a natural-born contrarian and enjoy picking out gaps and vulnerabilities and helping to resolve them.
As if being in a technology role daily is not enough, I love using technology in my home life. From mobile phones (I can never have too many, and I always love to test more!) to tablets, home video distribution, to vinyl analogue audio. If it has a plug and a screen, I am interested in using it.
As the father of a school-aged child, keeping the message strong on Science, Technology, and Math (and Space!) is a massive part of my life. From kitchen experiments to watching rocket launches, I am committed to spreading the word about STEM. It is how we can make the world wonderful through science, innovation and breaking new barriers (and teaching our kids how to be scientific!)
In the past few years, I got into triathlons and have done a few thus far. The training is excellent for your body and mind; if you want to get in really good shape, sign up for one and train for a tri! The triathlon world is very welcoming, and all you need are legs, a bike and a swimsuit – you have those, right? So, try a tri!