Derek helps organizations understand their cybersecurity postures, identify their gaps, and determine how they can maximize their cybersecurity return on investment. With nearly three decades of experience, Derek specializes in information security, cybersecurity, and data privacy, as well as governance, risk, and compliance (GRC) and related business and IT transformation. An experienced interim chief information security office (CISO), head of information security, and large-IT-program manager, Derek has managed departmental and change budgets up to $85 million and 450 full-time equivalents, delivering digital transformation, cost optimization, and regulatory compliance. He also delivers board-level crisis simulations and pre- and postdeal M&A, cloud and supply chain cyberrisk management maturity diagnostics, and associated remediation guidelines.
Derek has an MBA in IT strategy from Open University and a range of professional certifications: ISC2 CISSP and CCSP; ISACA CRISC, CISA, CISM, and CDPSE; IAPP CIPM and CIPP/E; CompTIA CASP+, PenTest+, Cloud+, CYSA+, and Security+; and BCS CISMP.