About me…

I consider myself a thought leader in information security management; actively challenging established practices with proven and practical alternatives. Over 10 years experience in management of information security, I am the lead author of the Information Security Management Standard O-ISM3, published by The Open Group in 2011. My unique skills are:

  • Making information security understandable for everyone, including the business stakeholders.
  • Translating business needs into security requirements.
  • Integration of information security with other IT practices (infrastructure, software development, outsourced services)
  • Designing and leveraging Information security metrics.

I am actively involved in the development of my profession: ex-President of the Spanish chapter of the Information Security Systems Association; Member of the Security Forum Steering Committee of The Open Group; ISMS Forum Member. My articles have been published in ISACA’s Control, the ISSA Journal, SC Magazine Online, Pentest Magazine, ENISA Quarterly, Revista SIC, Red@Seguridad.