– Status: Managing Director at Safis Consulting AG, management consulting on cybersecurity, cybercrime, privacy and information risk management
– Member since : Founding member
– Languages: German, English
– Geographic coverage: International. Based in Zurich, Switzerland.
– My clients are: CxOs, CISOs and risk professionals of large and medium companies of all sectors (pharmaceutical, transportation, financial and chemical), operating in Switzerland and internationally, as well as public institutions (European Commission, Council of Europe) and government organizations in charge of national cybersecurity strategies.
– What I do: Cybersecurity transformation programs (shifting from protection-based approach to a detection/response based strategy), strategic cybersecurity consulting, coaching of company boards and CISO’s, information risk management, national cybersecurity strategies and assessments, cybersecurity capacity building
– How it helps: My focus is on defining and implementing cybersecurity / information risk strategies that consider the new reality. For private companies, this means transforming organizations from a protection based approach to a detection and response based approach and managing their information based on risk. For public organizations, this means reconsidering their approach to cybersecurity strategies, cybersecurity capacity building, national and international collaboration and measuring success of their strategies. The task at hand is looking beyond organizational silos and embracing a cross-disciplinary approach, which has been the common theme across my career. I help my clients to achieve this with a focus on tangible, pragmatic outcome-based strategies on both technical and organizational level.
– My background: Prior to forming my own company, I was Chief Security Advisor Europe, Middle East and Africa for Microsoft from 2011 – 2014 consulting governments and CIIP actors on cybersecurity topics. From 2003 – 2010, I was Global Head Policies and Frameworks for Novartis implementing global information risk management, information security and compliance programs. From 1999 – 2003, I was a risk management & security consultant as well as IT auditor for PricewaterhouseCoopers. In total, I have over 20 years’ experience in the area of Cyber Security, Risk Management, Audit, Compliance and Fraud Detection.