David Boucher

Cybersecurity Expert

David is a cybersecurity professional with 19 years’ experience. David specialises in security governance and compliance, and provides the following services to organisations:

• Security governance and policies to support business goals
• Risk management, assessment and mitigation through implementation of controls
• Security assurance in projects and business initiatives
• Regulatory compliance (data privacy/GDPR, PCI DSS, NIS2)
• Internal audits and assessments
• Third-party & supply chain assessments
• Tactical management in operations security, vulnerability management, penetration testing, network security and development security
• CERT/CSIRT, incident response management
• ICT security training and awareness

Throughout his experience with multinationals and SMEs in several countries, David has shown that it is critical to understand each individual organisation, their activities, culture and assets, as well as interacting closely with all security stakeholders including boards of directors, business managers and ICT operations team, in order to deliver a security posture and strategy that are tailored to the specific business needs of the organisation.

Education and Certifications:

• MSc in Security and Forensics
• CISA
• CISM
• CISSP
• ISO 27001 Lead Auditor
• ISO 27001 Lead Implementer
• ISO 22301 Lead Implementer
• QSA PCI DSS (2009-2017)