Member, Expert Network on Cybersecurity
World Economic Forum
Total years of experience :27 years, 2 months
The Forum’s Expert Network brings together leading experts from academia, business, government, international organizations, civil society, the arts, and the media committed to improving the state of the world by helping to shape the global agenda. The network focuses on collaboration around key insight areas, covering economies, industries and global issues. Specific insight areas for this domain include Cybercrime, Cyber War, Critical Infrastructure Protection, Cyber Privacy, Security of Things, and Technology & the Law. Advise governments, international organizations, and corporations that participate in the Forum's ecosystem.
Define, implement and oversee a strategic, comprehensive enterprise cybersecurity, privacy and IT risk management program in alignment with the overall strategic objectives of a project-based organisation with an operating footprint in 120 countries. Execute the end-to-end transformation of cyber response capabilities, including cyber risk governance, security architecture, threat intelligence, supplier risk management, identity & access management, and incident response, among others. Partner with all functional verticals such as internal audit, legal, technology, safety & security, and global hub and project leadership to facilitate collaborative risk governance in response to existing and emerging cyber threats. Assist developing nations in formulating cybersecurity programs, including knowledge transfer, risk assessment, policy development and technology deployment. Serve on the IT Steering Committee and Data Governance Board of the organization and on the United Nations Information Security Special Interest Group (UNISSIG).
Led the development of a comprehensive program to meet the capacity building needs of the individuals who design, deploy, secure, regulate and oversee Internet infrastructure across the globe. The program delivered training to 75, 000+ persons from more than 100 countries through online, blended and classroom-led courses, fellowship opportunities and leadership conferences. Training catalog included, but was not limited to, courses on Building Computer Security Incident Response Teams (CSIRTs), Core Internet Routing Security (MANRS), DNS Security (DNSSEC), IoT Privacy & Security, Managing Online Identity, and Internet Governance & Policy. Represented the organisation in key technical communities such as the IEEE, IETF, ITU, W3C, regional Internet registries (RIRs), research and education networks (RENs), and network operator groups (NOGs).
Reporting to the CEO, conducted a detailed cybersecurity capabilities maturity assessment, looking across people, process and technology and considering risk levels and impact. Developed a multi-year roadmap to enhance cybersecurity capabilities and deliver process improvements, including addressing key risk and compliance priorities and staffing requirements to support executive-level resourcing and investment planning. Performed oversight and assurance to ensure that recommendations were implemented in an adequate, effective and sustainable manner.
Successfully delivered a consultancy to perform a country-level cybersecurity capabilities maturity assessment and develop a 3-year strategic roadmap. The detailed scope of work included a risk-based assessment of critical domains that included national cybersecurity strategy, critical infrastructure (CI) protection, crisis management, incident response, legal/ regulatory frameworks, and education & workforce development. Developed and delivered a series of capacity building workshops for senior government officials, business leaders, and civil society representatives.
As a key member of executive leadership, spearheaded the digital transformation strategy of the group, implementing key systems such as core banking, Internet/mobile banking, reconciliations, data warehousing and anti-money laundering (AML) to deliver omni-channel customer engagement and adapt to emerging regulatory demands. Implemented a strategic cybersecurity program, premised on a ‘security by design’ philosophy and focusing on an adaptive layered security architecture, pervasive security awareness, and collaborative risk governance. Managed an annual CAPEX budget of USD$1.5M+ and OPEX budget of USD$3M+.
Oversaw the transformation of the organisation's legacy network and communications infrastructure into a best-in-class converged network, spanning 17 countries and supporting the core business lines. Led the strategic, tactical and operational aspects of routing & switching, messaging/collaboration, telephony and network security across the enterprise. Recruited, managed and developed a geographically distributed, high-performance, multidisciplinary team. Served on the Change Advisory Board and Technical Architecture Committee of the organisation. Managed an annual CAPEX budget of USD$6M+ and OPEX budget of USD$32M+.
Strengthened the business' control environment and overall technology risk and cybersecurity posture by leading more engaged and collaborative audit coverage for the Technology, Operations and Change Management business units. Successfully delivered key audit engagements such as Information Security Management, Business Continuity Management. IT Service Management, PCI-DSS Attestation, and Datacenter Operations, among others. Developed the enterprise's strategic information security roadmap. Served on the organisation's Operations and Technology Risk Committees.
Developed the group's overall audit approach for providing independent and objective assurance and consulting services designed to improve the effectiveness and efficiency of the Sint Maarten Telecommunications Group of Companies (Telem Group) operations in Sint Maarten, Curacao, Saba, St. Eustatius, and Dominican Republic. Directed the planning and execution of financial, regulatory, compliance and operational reviews/audits. Delivered key audit engagements such as Human Resources Management, Retail Store Operations, Warehouse & Inventory Management, SAP R/3 Project Implementation, and Cashflow Management.
Led all operational aspects of AT&T Wireless' mobile network, including data centre operations, facilities management, physical security, network security, field operations, switch operations, and staffing / recruitment, all towards optimising key processes and technology. Maintained wireless network operations according to defined SLAs and achieved the best network KPIs in AT&T Wireless International for two consecutive years. Led a multifunctional team of engineers, senior technologists and contractors. Managed an annual CAPEX budget of USD$2.5M+ and OPEX budget of USD$12M+.
Master of Laws (LLM), Internet Law & Policy
Master of Business Administration (MBA), Quality Management
Post-Graduate Diploma - Telecommunications Regulation & Public Policy
Awarded the UNESCO Scholarship