CISSP, CISM, CRISC, CSF+P, CCSP, CISA, ISO27001
Gary Gaskell is a highly regarded information and cyber security specialist serving industry and government for 28 years. He has published 50 articles in Australia and internationally. He combines excellent communications and business analysis skills with a thorough mix of technical, process and governance related security controls. In 2013 he was awarded “Information Security Professional of the Year – 2013” by the Australian Information Security Association. He was the Australian Computer Society’s first “Certified Professional – Cyber Security” in Queensland.
His career highlights include:
- Defining the security architectures for Internet and telephone banking systems
- Designing and building the security for a classified Defence combat support system
- Developing both the technical and managerial security plans for the new Queensland Public Safety Network with 600 sites shared by 3 different government agencies
- Developing pragmatic security plans for process control systems (SCADA)
- Leading security reviews by the Queensland Audit Office leading to improved technical and management security
- Helping to start the Crikey Con (security research and pen testing conference) to give Brisbane security professionals addition learning opportunities
- Helping start the AISA including starting the Brisbane branch of the AISA. He is one of the inaugural fellows of the AISA.
Gary started out in the security space by developing an implementation of the RSA cryptosystem for a co-operative research centre. He then integrated public key smart cards with the Kerberos network authentication system (similar to the authentication system now used by Microsoft systems). He worked on a defence project under a formal security design and accreditation scheme taking on the responsibility for security design, implementation, system certification and testing.
Gary worked for the Information Security Research Centre at the Queensland University of Technology – a cyber security research centre that opened in 1988. During this time, he built his network security and system administration skills and was at the forefront of the University's security consulting program.
In 2001 Gary joined the Bank of Queensland as a security architect. When the bank outsourced its IT department he started a security and audit consultancy. He currently splits his time between security reviews, security planning, formal audits and ISMS development.
His specialties include: Security architecture and planning; Formal audits (security and IT general controls); Identification of security threats and vulnerabilities; Information Security Management System development; Application security controls; Cloud computing security; Business Continuity Management and cyber security governance.
Gary has been assessed and accredited by ISACA to teach the CISM, CISA and CRISC certifications and accredited by the PECB to teach the ISO 27001 Lead Implementer and Auditor courses. He also delivers CISSP, CCSP and Cyber Security Foundation courses, integrating theory for each certification with real-world examples.