I have over 20 years of overall professional working experience, with more than 15 years of senior level information security management responsibilities, including executive and board level program and risk reporting. As an Independent Management Consultant, I have been helping businesses and organizations identify, prepare for and mitigate cyber risks by providing counsel and expertise in risk management, strategy, and tactics.
My specialty is the development and maintenance of cyber and information security programs based upon the assessment of an organization’s risk profile and appetite. In addition, I have a diverse background and in-depth knowledge, skills, and abilities in enterprise level strategy and management of information security; operational risk; enterprise architecture; IT services; project and systems/software development life cycle; e-commerce; cloud computing; disruptive tech; digital banking and core business systems.
I am an active volunteer and a leader within the local, national and international cyber/information security, IT governance and risk community as well as served the ISACA Vancouver Chapter for eight years as President in executive and non-executive board positions, and in various committees with ISACA International.
Assists organizations with planning, growing, building on its strengths and anticipating opportunities and risks.
Implements practical solutions for current cyber security challenges.
Provides guidance and support to executive leadership and board members on cybersecurity risks and crisis/incident management.
Performs and oversees security risk management and compliance activities at the organizational and project level.
Develops strategies and cyber security programs in alignment with a company’s goals, objectives, and leading industry information security standards/best practices.
- Promoted the practices and the development of professionals in IT risk, governance of enterprise IT, information security management, and IT assurance within national and international communities.
- Developed and led the information security function for a large Canadian Credit Union for over a decade.
- Provided consulting services for MEC®, Great Canadian Gaming Corporation, BC Ferries, and sits on BC’s Provincial Security Advisory Council (PSAC).
Avantage’s cybersecurity risk management takes the idea of real world risk management and applies it to the cyberworld. It involves identifying a company’s risks and vulnerabilities and applying administrative actions and comprehensive solutions to make sure the organization is adequately protected.
- Risk Profiles
- Security Risk Management
- Policies and Governance