
Head of Information Security at KAUST
Saudi Arabia

Phil is regarded as one of Europe's leading information security and compliance specialists. He has over 20 years' experience gained in a variety of high-profile technical and managerial security roles.
• He has worked extensively in the field of penetration testing, audit, firewall design and management, implementation of ecommerce security and PKI deployment.
• From 1998-2000 Phil was CISO for Japanese investment banking giant Nomura.
• He is an active member of a number of European industry advisory panels.
• He was principal consultant heading the penetration testing practice of Zergo in 1997.
• He writes regularly for the industry press, including Computer Weekly and Computing.
• Phil worked with UK government departments on the design, implementation and operations of a new connection to the government network and BS7799 compliance.
His publicity on the subject of wireless security has made Phil somewhat of a security celebrity, with appearances on TV and in the national press. He was responsible for the first published war-driving surveys in London in 2001 and has continued to revisit this each year on behalf of RSA Security.
A regular keynote speaker at national and international conferences, Phil offers a unique insight into the world of information security, hacking and risk management.
In 2006 Phil became the UK President of the ISSA (Information Systems Security Association) and sits on a number of committees and steering groups for the ISO27001 user group, IISP, Eurim and IRM.
He was CTO of UK-based security product company NetSurity Ltd.
Risk Management, Security Audit, Penetration Testing, Encryption, BS7799 gap analysis, wireless security, firewall design, security management.
(Educational Institution; Higher Education industry)
July 2009 — Present (5 months)
(Privately Held; Telecommunications industry)
August 2008 — July 2009 (1 year)
Head of Compliance with some audit and CISO responsibilities.
Got Skype through PCI DSS 1.2 in Dec 2008 and ran the SOX program for eBay at Skype in 2009.
(Public Company; EBAY; Internet industry)
August 2008 — August 2008 (1 month)
Global responsibility for legislative and regulatory compliance at Skype
(Information Technology and Services industry)
2007 — 2008 (1 year)
(Privately Held; 10,001 or more employees; Management Consulting industry)
October 2006 — May 2008 (1 year 8 months)
With a practice of almost 100 UK-based security professionals, our Security and Privacy practice offers the usual big 4 high quality security consultancy with some unique elements including 15+ people in our SAP security group and 15+ in the Oracle security team. We are now Europe's largest independent security practice.
(Non-Profit; 5001-10,000 employees; Security and Investigations industry)
September 2006 — September 2007 (1 year 1 month)
UK President (2006-7)
(Public Company; 10,001 or more employees; Information Technology and Services industry)
March 2006 — August 2006 (6 months)
Responsible for service offering, practice management and high-level client delivery.
(Privately Held; 1-10 employees; Information Technology and Services industry)
September 2003 — February 2006 (2 years 6 months)
Formed netSurity in Sept 2003. Innovative R&D security company. netSurity has produced three security products which were launched at InfoSec 2004 and 2005. Latest product suite is iQSM - an all encompassing risk management suite taking the market by storm with high profile early adopters. For details see - http://www.iqsm.co.uk.
http://www.netsurity.com - Corporate site
(Government Agency; 201-500 employees; Government Administration industry)
March 2003 — August 2005 (2 years 6 months)
(Information Technology and Services industry)
2001 — 2001 (less than a year)
(Public Company; 5001-10,000 employees; Information Technology and Services industry)
May 2000 — June 2001 (1 year 2 months)
(Public Company; 8604 JP; Financial Services industry)
April 1998 — May 2000 (2 years 2 months)
(Information Technology and Services industry)
1996 — 1997 (1 year)
(Information Technology and Services industry)
1993 — 1997 (4 years)
Snowboarding, Gym, Travel, Boats
BCS Security Group
March 2001 - Passed CISSP exam. (CISSP)
July 2003 - Made a Fellow of the British Computer Society (FBCS)
May 2005 - Member of the Institute of Risk Management (MIRM)