David has over 20 years’ experience in the IT industry, with 14 of those specifically in Information Security. During this time, he has specialised in information security governance, risk and compliance.
David is an ISO 27001:2013 Lead Auditor, an ASD certified I-RAP Assessor, Certified Information Security Manager (CISM) and a member of the Information Systems and Control Association (ISACA).
David is a member of the Australian Information Security Association (AISA) and has served as the convener for AISA’s ISMS User Group in the past, and his experience extends across the government, technology, media, industry, utilities, retail and financial sectors, ranging from small to large organisations.
He played a leading role in one the first organisations in Australia becoming certified to ISO 27001 and is a highly respected figure within Australia’s Information Security Community.
David sees the primary role of cyber security professionals as being to present sufficient information to the business in a manner that executives are equipped to make appropriate risk based decisions.
David maintains and has attained the following associations and qualifications:
- I-RAP Assessor.
- ISO 27001:2013 Lead Auditor.
- Payment Card Industry Qualified Security Assessor (lapsed 2016).
- Certified Information Systems Manager (CISM).
- Member Information Systems Audit and Control Association.
- Member Australian Information Security Association.