Key Focus Areas: Information Security (ISO/IEC 27001), Risk Management, Business Continuity (ISO 22301), IT Service Management (ISO/IEC 20000), Quality (ISO 9001) and ICT (TL 9000)
Robert Whitcher is an experienced Information Security professional with over 40 years in the IT industry and over 30 years in Information Security and privacy. Rob has performed various roles within Information Security, including; Chief Information Security Officer (CISO) for EMEA within a blue chip company, Privacy Officer within the same organization, Investigator of IT related crimes, internal auditor, policy development (including development of controls), Penetration Testing, security manager for health records going online in the UK and Technical Manager responsible for certification audits for a large certification body.
Rob has worked at the leading edge of Information and IT security. He is passionate about Information Security and as a systems programmer, he developed, delivered and implemented penetration testing within a blue-chip company. He was also at the leading edge of countering computer viruses and other malicious software. Robert was previously the Global Technical Manager within a large certification body for TL 9000, ISO/IEC 20000 (IT Service Management), ESD (Electrostatic Discharge) and the Americas Technical Manager for ISO/IEC 27001 (Information Security) and ISO 22301 (Business Continuity). In this role he was responsible for the program of how certification audits were conducted, the training and competencies of auditors, and ensuring all regulatory requirements were met. Rob was also one of the developers of ISO/IEC 27018 and ISO/IEC 27017 certification scheme within the CB. As a security consultant, he was the Information Security Manager for all health records going online within the UK and has audited numerous hospitals within the NHS trusts (UK health organization). As a Product Manager for BSI, Rob was responsible for the global transition of BS 7799 to ISO/IEC 27001, BS 15000 to ISO/IEC 20000, and was part of the development team for BS 25999-2 on Business Continuity (now ISO 22301).