Richard G Young
Ph.D. CIA, CISA, CISM, CISSP, CGEIT, COSO
Founder & President
Dr. Young is a 23-year veteran in the Information Security & Cyber Risk environments with extensive hands-on expertise for establishing and maintaining the enterprise vision, strategy and program to ensure information assets are adequately protected using the best practices methodologies and tools relevant to IT Risk Management. Richard has previous successfully implements the 3 LoD (Line of Defense Model), designed and implemented Information Security Program, Enterprise Risk Governance Operating Model, Cyber Risk Management Program, Assess Cyber Risk leveraging the FFIEC CAT tool, developing corporate policies, standards, procedures including developing enterprise-wide risk appetite and reporting. Dr. Young has previously held various senior management positions at Barclays PLC (Chief Information Security Officer), Citigroup (SVP Information Security), Deutsche Bank (Americas Office – CISO), Freddie Mac (Director, Enterprise Risk Management). Dr. Young teaches a part-time program at Harvard University – Cybersecurity: Managing Risk in the Information Age.
Among other qualifications, Dr. Young holds a Master’s Degree in Cybersecurity from NYU School of Engineering, a Doctoral Degree in Management of Information Systems and various industry certifications.
Managing Director (South Africa)
Celiwe Mkorongo is a Business Development Strategist who builds and maintains lucrative partnerships and implements development strategies for corporate enterprises on the continent. A consummate executive with an entrepreneurial spirit and a drive for market differentiation, Celiwe is a visionary and goal-oriented business executive with demonstrated experience in researching, planning, developing, and implementing customised solutions aimed at identifying and optimising business opportunities. At DataSecure, among other things Celiwe is responsible for the development of strategic plans for competent implementation and operation of client services, product support, quality assurance, and training. As one of the Governance Risk and Compliance Leads at DataSecure, Celiwe advises organisations on any potential risks to the profitability or existence of the company. She helps identify and pursue growth opportunities in line with the DataSecure portfolio.
CISA, CISSP, CGEIT, COS
Third Party Risk Governance (COO)
Richard, Co-Founder and Chief Operating Officer of DataSecure, leads our audit and security teams. A former IT consultant for Ernst & Young, he translates his knowledge and experience into an effective, time-and budget-conscious project management style. He helps clients in every industry evaluate the security of their information systems, establish best practice controls and improve compliance with regulatory standards. Richards’s areas of expertise include security networks, infrastructure components and application systems; evaluating and improving user security awareness; and optimising internal policy structure to support organisational initiatives. He conducts vulnerability assessments, penetration tests and configuration reviews of various systems, platforms, network components and IP addressing schemes, as well as internal policy reviews and security controls assessments.
Identify & Access Management
Innovative, Sr. Identity Access Management SME with Implementation Solutions Engineering, Architect and Project/Program Management background. 20+ years of strong technical working knowledge coupled with managerial experience with a financial, commodities and software background. Experience with information security and concepts with an emphasis on IAM Governance, IAM Program Management, IAM Architecture, Privilege Access, RBAC, Unstructured Data, engineering/ analysis/administration of enterprise systems, access provisioning, access review, single sign on and federation. Background covers multiple industries, including financial, healthcare/biotech pharma and in depth trading floor experience with a solid understanding of overall IT infrastructure and SDLC. Quick problem solver in fast paced environments and works well under pressure, with a focus on root cause analysis and incident resolution. Motivated team player with ability to function independently. Well organized and consistently meets deadlines. Excellent interpersonal and communication skills with the ability to effectively interact with both technical and non-technical staff along with global clientele.
RK Nair is a 20-year Information Security Engineering, Privacy and Security Operations Center vateran. He is a specialist in Information Security solution analysis, design, implementation, auditing and maintenance. Includes work experience in Web Designing, IT logistics, Systems and networking. RK has enormous experience in various tools like GFI Languard, Websense, IPS, SSIM, other security tools. At DataSecure, RK is responsible for the Governance, Risk and Compliance (GRC) domain where we assist organization leverage GRC processes desired to establish a regulatory or internal framework for satisfying governance requirements, evaluate risk across their enterprise and track how the organization complies with the established governance requirements.
Mobile devices are redefining the security landscape and extending the corporate perimeter. There are numerous benefits, but organizations need to be prepared for a multitude of new challenges including loss and theft of device, access control, malware, mobile application vulnerabilities and enterprise authentication.
Real-time network monitoring and analytics allow you to know what’s happening on your network at any given moment - reducing the operational expense of time spent running down issues and increasing end-user satisfaction by fixing issues before they are noticed.