• CISSP, CISM, CSF+P

Gary Gaskell is a highly regarded information and ICT security specialist serving industry and government for 24 years. He has published 50 articles in Australia and internationally. He combines excellent communications and business analysis skills with a thorough mix of technical and managerial security controls. In 2013 he was awarded “Information Security Professional of the Year – 2013” by AISA, the Australian Information Security Association.

His career highlights include:

  • Defining the security architectures for Internet and telephone banking systems
  • Designing and building the security for a classified Defence combat support system
  • Developing both the technical and managerial security plans for the new Queensland Public Safety Network with 600 sites shared by 3 different agencies
  • Developing pragmatic security plans for process control systems (SCADA)
  • Leading security reviews by the Queensland Audit Office.

Gary started out in the security space by developing an implementation of the RSA cryptosystem for the DSTC. He then integrated public key smart cards with the Kerberos network authentication system (now used by Microsoft). He worked on a defence project under a formal QA system taking on the responsibility for security design, implementation and testing.

Gary worked for the Information Security Research Centre at the Queensland University of Technology. During this time, he built his network security and system administration skills and was at the forefront of the University's security consulting program.

In 2001 Gary joined the Bank of Queensland as a security architect. When the bank outsourced its IT department he started a security and audit consultancy. He currently splits his time between security reviews, security planning, formal audits and ISMS development.

His specialties include: Security architecture and planning; Formal audits (security and IT general controls); Identification of security threats and vulnerabilities; Information Security Management System development; Application security controls; Cloud computing security; Business Continuity Management.