Top of Page
 

Advisory Councils


(ISC)²’s Global Advisory Councils represent a group of senior-level information security professionals in their respective region who advise (ISC)² on industry initiatives, policies, views, standards and concerns. The goals of the advisory councils are to offer deeper insights into the needs of the information security community in each respective region; discuss matters of policy or initiatives that drive professional development; provide feedback on (ISC)² programs, activities and opportunities; and make introductions to influential organizations, bodies, institutions within government and industry with which (ISC)² should engage.

(ISC)² currently enlists the expertise of two advisory councils, including:


Council Members

  • Asia-Pacific Asia-Pacific
    dr-lee-jae-woo
    CHAIR: Dr. Jae-Woo Lee, Fellow of (ISC)², CCFP-KR (Korea)

    Chair Professor, Graduate School of International Affairs and Information Security, Dongguk University

    Dr. Jae-Woo Lee is the Chair Professor at the Graduate School of International Affairs and Information Security, Dongguk University and the President of the Cyber Forensic Professional Association in Seoul. He is also the Chairperson of the (ISC)² APAC Advisory Council and serves in the Advisory Board of the CISO Association in Seoul.

    Following his retirement from his position as a Major General in the Korean Air Force, Dr. Lee pursued his career in the information security profession. He holds a Master of Science degree in Systems Management from the University of Southern California in the U.S. and received his Doctorate degree from Konkuk University in Korea.

    Dr. Lee has served in numerous leadership and advisory capacities within the industry, including the first president of the Korea Information Security Agency, the organizer of the Korea National Computerization Agency, a board member of the Korean Governmental Security Committee, the chairperson of the National Information System Security and Audit Committee, an advisory board member of the Office of Supreme Public Prosecutor and an advisory board member of the Ministry of National Defense. He received three major medals and presidential awards from the South Korean government and the Legion of Merit Medal from the U.S. His writings and published books include Information System Audit Manual, Guidelines for Information Systems Security, System Security Management and Cyber Warfare.

    Dr. Lee received the (ISC)² Harold F. Tipton Award and the 'Grand Prix' of Cyber Security Professional Korea. He was also selected as the Global Cyber Security Professional Top Ten.

    Prinya Hom-anek
    Prinya Hom-anek, CISSP, CSSLP, SSCP (Thailand)

    President & Founder, ACIS Professional Center

    Prinya Hom-anek has over twenty years of Information Technology (IT) and Information Security specialist since he graduated from Chulalongkorn University earning Bachelor Degree in Electrical Engineering and MBA from Assumption University and Honorary degree in Doctor of Science from Rajamangala University of Technology Suvarnabhumi. He composed exceptional skill and interested in consulting and training experience in Network and Data communication, Internet and Network Security, Information Security, Fraud and Forensic Investigation, Penetration Testing, ISMS and generic information security consulting in both public and private sectors. He is recognized as a pioneer in the field of information security in the Asia-Pacific region. He is an advisor to the Thai Ministries Defense and Ministry of ICT on national cybersecurity issues.

    He also serves on several boards, including the (ISC)2 Advisory Council – Asia-Pacific, ISACA Thailand Committee, and ITSMF Thailand Committee, Electronic Transaction Commission Security sub-committee and Thailand Information Security Association (TISA) committee and secretary. His objective is implementing Thailand’s first National Cybersecurity Awareness Program, he investigated successful national cybersecurity strategies; training programs for IT professionals; and mechanisms to educate technology users about best practices in cybersecurity.

    He publishes many Information Security articles over 130 articles in magazines and newspapers such as eEnterprise, eLeader, Telecom Journal, Thairath, DailyNews, The Nation and Bangkok Post. As his latest book launched 2018 is Strategy to Cybersecurity 4.0. He is frequently invited to appear in TV and radio program in Thailand providing his expert opinion on Information Security related topics.

    He has founded and oblige as the president of the most successful Information Security Training, Consulting and Managed Security Services Provider in Thailand called “ACIS Professional Center” or “ACIS”. He has grown ACIS into one of the leading information security training and consulting firms in Thailand. In order to provide the turn-key solution of SAAS, Cybertron has been established under his leadership of business and technical management as a CEO.

    As a Global Cybersecurity expert, Prinya has provided enormous consultancy for many international organization and he is a visiting lecturer at a number of universities and college within Thailand on Information Security and IT audit.

    haruto-kitano
    Dr. Haruto Kitano, CISSP (Japan)

    Partner
    Deloitte Tohmatsu Risk Services Co., Ltd.

    Dr. Haruto Kitano is currently a Partner of Deloitte Tohmatsu Risk Services Co., Ltd. His consulting focuses on security and risk management governance, database security, identity management, regulatory compliance and privacy.

    Dr. Kitano is currently a committee member of the Database Security Consortium in Japan and a member of the (ISC)² Asia-Pacific Advisory Council. He has been working in the IT and security industry in Japan for 30 years. He had been a telecommunication and internet networking engineer for 10 years and previously worked at Oracle for 11 years specializing in database security and identity management. He has been delivering GDPR and other privacy services for the last six years at Deloitte and is recently focusing on IoT security.

    He earned a Doctor of Informatics degree and a Master of Informatics degree from the Institute of Information Security (IISEC), the first Japanese graduate school specializing in information security, where he researched security management and information protection against internal threats.

    Choon Bong Wong
    Choon Bong Wong (Singapore)

    Deputy Director, Ecosystem Development, Cyber Security Agency of Singapore (CSA)

    Choon Bong heads the manpower development team and the Strategic Resources and Policy Office in CSA. His responsibilities for the former role include developing a robust pipeline of cybersecurity talents in Singapore, strengthening career and skills development of cybersecurity professionals, and providing oversight to the CSA Academy.

    Prior to joining CSA, he was a Deputy Director in the Cyber Security and Resilience Division (CSRD) in the Ministry of Communications and Information (MCI), Singapore.

    Choon Bong holds an MBA from Nanyang Technological University, a M.Eng. (ECE) from Cornell University, and a B.Eng. (EE) from the National University of Singapore.

    Meng Chow Kang
    Dr. Meng-Chow Kang, CISSP (Singapore)

    Head, Security Assurance, Asia Pacific Region
    Amazon Web Services (AWS)

    Dr. Meng-Chow Kang has been a practicing information security professional for more than 25 years with field experience spanning from technical to management in various information security and risk management roles, including the Singapore Government, major multinational financial institutions as well as global security and technology providers. His research and part of his experience in the field have been published in his book, Responsive Security – Be ready to be secure by CRC Press in Oct 2013. His contributions to the information security industry and community have also been marked by numerous industry awards.

    As the leader of the security assurance team at AWS in the Asia Pacific, China and Japan region, Dr. Kang works with customers to identify and address related concerns and needs in cloud computing security.

    Dr. Kang has been active in the information security community. He was elected as a director of the (ISC)² Board in Jan 2015 and received the (ISC)² James Wade Service Award in 2014. Dr. Kang has been contributing to both local and international security standardization efforts since 1998, in which he has held the chair and editorial positions in several committees and working groups in Singapore’s national standards body, ITU-T SG17 and ISO/IEC JTC 1 SC 27. Dr. Kang is also the Co-Chair of the Regional Asia Information Security Exchange (RAISE) Forum, which he co-founded with a group of security experts in 2004. Moreover, Dr. Kang continues to conduct research and teach information security as an Associate Professor (Adjunct) at the School of Computer Science and Engineering, Nanyang Technology University in Singapore.

    Dr. Kang received his MSc degree in Information Security from the Royal Holloway and Bedford New College, University of London and completed his PhD in Information Security Risk Management at Southern Cross University, Australia. He has also been a CISSP since 1998.

    jill-slay
    Prof. Jill Slay AM, PhD, Fellow of (ISC)², CISSP, CCFP-US (Australia)

    Optus Chair of Cyber Security, La Trobe University

    Professor Jill Slay is the Optus Chair of Cyber Security at La Trobe University, leads the Optus La Trobe Cyber Security Research Hub, and is the Director of Cyber Resilience Initiatives for the Australian Computer Society. Jill is a Director of the Victorian Oceania Research Centre and previously served two terms as a Member of the Board of Directors of (ISC)².

    She has established an international research reputation in cybersecurity (particularly digital forensics) and has worked in collaboration with many industrial partners. She was made a Member of the Order of Australia (AM) for service to the information technology industry through contributions in the areas of forensic computer science, security, protection of infrastructure and cyber-terrorism. She is a Fellow of ACS and a Fellow of (ISC)², both for her service to the information security industry (and is MACS CP and holds CISSP and CCFP certifications).

    In her work with the Australian Computer Society, she has led a cyber task force that established the National Professional Standards in cybersecurity for Australia (launched by Minister Dan Tehan on September 6th) and oversaw the implementation of these standards, provided education products and programs and the standing up of an accompanying new cybersecurity curriculum for Australian universities that is also under development as part of this project.

    She has published more than 120 outputs in information assurance, critical infrastructure protection, security and forensic computing in the last 10 years. She has completed the supervision of 20 PhDs, many Masters and Honours theses. She has also been awarded over AUD 2.5 million in research income.

    Wan Suk Yi
    Dr. Wan S. Yi, CISSP (Korea)

    Vice-President, Information Security Industry Group, Korea Internet & Security Agency

    Dr. Wan S. Yi is the Vice-President, Information Security Industry Group in Korea Internet and Security Agency (KISA). He received his BS degree in Computer Science from Virginia Polytechnic Institute and State University in U.S. He also received his MS degree in information security from Dongguk University and his Ph.D. in Computer Engineering from SungKyunKwan University in Korea. Since 2014, he has been an adjunct professor at SungKyunKwan University. He served in a variety of important career building assignments including the Director of Incident Prevention Division, Internet Industry Division, Infrastructure Protection Division and Regional Information Security Center. He also served as the Vice-President of International Cooperation Group. Before joining KISA, he worked for Hyundai Information Technology, LTD. During his military service, he was an Aide de Camp for Deputy Commander in Chief, ROK/US Combined Forces Command. He retired from service in 1994 as a Korean Air Force lieutenant. His awards include two ROK/US CFC DCINC Awards in 1993 and 1994, the US Army Achievement Medal in 1993, the Commendation Medal in 1993, the National Intelligence Service Award in 2000, the (ISC)² ISLA Asia-Pacific Honoree in 2008, the (ISC)² President’s Award in 2008, the Minister of Public Affairs and Security Award in 2009 and 2016, and the ROK President Award in 2012.

    Dr. Kamlesh Bajaj
    Dr. Kamlesh Bajaj, Ph D (India)

    Former CEO, Data Security Council of India;
    Founder Director, CERT-In

    Dr. Kamlesh Bajaj holds a Ph.D. degree in Physics from McMaster University, Canada and a Master’s degree in Physics from the University of Delhi. He is a Fellow of the National Academy of Sciences (FNASc) and a Fellow of the Institution of Electronics and Telecommunication Engineers (FIETE). He is also a Distinguished Fellow of EastWest Institute (EWI), New York. Dr. Bajaj was the Founder and CEO of the Data Security Council of India (DSCI) – an industry initiative in cybersecurity and data privacy. At DSCI, Dr. Bajaj guided the development of best practices and frameworks for data security and privacy protection. He has served on various government committees on cybersecurity, privacy and information and communications technology (ICT), and contributed to the activities of global bodies like the Organisation for Economic Co-operation and Development (OECD) and EWI. He was also the Founder and Director of the Indian Computer Emergency Response Team (CERT-In). He directed the cybersecurity initiatives in the government. He has published and lectured extensively on the IT Act 2000, cybersecurity, cybercrimes, privacy and data protection, internet governance, e-commerce and digital signatures in national and international journals and conferences. He has authored two books and co-authored two books. Dr. Bajaj also helped set up the techno-legal infrastructure for public key infrastructure (PKI) in the country. He also served as the Global Head of Information Risk Management Consulting Practice, Tata Consultancy Services.

    Dr. Bajaj was a member of the NASSCOM Cyber Security Task Force that made recommendations to the Government of India on policies, skill development, research and development, start-ups, technology and industry development for India to emerge as the global hub of cybersecurity services and products.

    He consults with industry and think tanks on cybersecurity and privacy protection.

    EIJI KUWANA
    Dr. Eiji Kuwana, CISSP (Japan)

    Executive Vice President, Chief Information Security Officer, Managing Director of Security Business Headquarters, NTT Advanced Technology Corporation

    Dr. Kuwana is the executive vice president and chief information security officer of NTT Advanced Technology Corporation of the NTT Group, a global leader in information and communications technology. He is also a member of expert panel for Science and Technology Policy, Council for Science, Technology and Innovation, Cabinet Office of JAPAN from 2017.

    Dr. Kuwana joined NTT Laboratories in 1984, and has since held positions of increasing responsibility in research, engineering, and management. Dr. Kuwana led the NTT research and development efforts for cloud and cyber security technologies as the Executive Vice President and Chief Operating Officer of NTT Innovation Institute, Inc., the Silicon Valley-based R&D arm from 2013 to 2015, as the senior vice president and director of the NTT Information Sharing Platform Laboratories and the NTT Secure Platform Laboratories from 2010 to 2013.

    Dr. Kuwana has published more than 40 scholarly works on the subjects of computer networks, software engineering, and multimedia technologies, and he holds more than 30 patents. He served as the supervisor of translation projects of Official (ISC) 2 Guide to the CISSP CBK (Fourth Edition) and CISSP Official Practice Tests. He also served as a technical program committee member for conferences produced by the Association of Computing Machinery (ACM) the Institute of Electrical and Electronics Engineers (IEEE), and the Information Processing Society of Japan.

    Dr. Kuwana received his B.E. and M.E. degrees in Computer Science from the University of Electro-Communications in Tokyo in 1982 and 1984, respectively. Also he earned his Ph.D. in Computer Science from the University of Tsukuba in 2000. He was a visiting research scientist at the University of Michigan from 1991 to 1992.

    Andy Ho, CISSP (Hong Kong)

    President, (ISC)² Hong Kong Chapter;
    Senior Security Manager, Corporate Security Investigations, IBM

    Commencing his career as a security analyst, Mr. Ho spent more than 25 years of his time dedicated to the security profession and has worked throughout the Asia Pacific countries.

    As a security professional, Mr. Ho has been responsible for performing and managing a wide range of security tasks including digital forensic and tactical investigations, information security risk and threat assessments, security surveys, crisis management and emergency response planning program.

    Mr. Ho is currently the corporate Senior Security Manager of IBM in Greater China. He is the founding president of (ISC)² Hong Kong chapter and was the (ISC)² 2007 awardee in the Senior IT Security Professional category of the Asia Pacific Information Security Leadership Achievements Award.

    Mr. Ho obtained his Juris Doctor degree from the Chinese University of Hong Kong and an MSc degree in Systems Engineering & Engineering Management from the same university.

  • Latin America Latin America
    Kleber Candido de Melo
    CHAIR: Kleber Candido de Melo, CISSP (Brazil)

    Founder and Senior Consultant, KCMelo Consulting

    Kleber Melo has 27 years of experience in IT, Information Security, Business Continuity and Fraud Prevention leading local and regional multidisciplinary teams of employees, contractors and suppliers. He provided strategic support for secure development of new products, providing enterprise solutions for information protection, vulnerability assessment, encryption, server hardening policy, forensic, ethical hacking, security architecture, card encryption solutions and polices. Project management experience, leading national and international teams to select and deploy information security solutions. Knower of infrastructure technologies (firewall, proxy, identity management, DLP, behavior score, adaptive authentication, web filter, HSM encryption, cloud, etc.), security management and systems development controls. Conference speaker and College professor since 1999 CISSP certified since 2003, serving ISC² as Co-Chair for LA Advisory Board since the program started, and as ISLA judge in 2011 and 2013. Career path started at IBM and followed by Sudameris, HSBC and Original Banks in Brasil as CSO. Founder of KCMelo Consulting in 2011 providing security consulting service to brazilian market. English and Spanish fluently Native Portuguese.

    Gerardo Castillo
    CO-CHAIR: Gerardo Castillo, CISSP (Costa Rica)

    IT Infrastructure Manager for Latin America, National Instruments Costa Rica

    Seasoned Information Security professional with close to 9 years of international experience managing IT, Information Security, and Business Continuity programmes over a broad variety of industries. Proven experience implementing and operating world-class IT processes that focus on end-to-end service delivery, customer satisfaction, vendor management, and risk management. Currently Gerardo is the Latin-American IT Infrastructure Manager for National Instruments from this position he is influencing change to ensure Information Security best practices are adopted. Gerardo holds a Bachelor's Degree in Electronics Engineering from the Instituto Tecnológico de Costa Rica and a Master’s Degree in Information Technology Management from the Universidad Nacional. He has been a Certified Information Systems Security Professional (CISSP) since 2007 and a Certified Business Continuity Professional since 2008.

    Gabriel Bergel, CISSP
    Gabriel Bergel, CISSP, CISM (Chile)

    Head of IT Security, ING

    Gabriel Bergel is currently head of IT security for ING in Chile with nine years of experience in the information security field. His experience includes: consulting; project management; security engineering; and information security leadership. He is also founder and organizer of the 8.8 Computer Security Conference, founding member and current President of the ISSA Chile Chapter, member of the Academic Committee of Segurinfo Chile, and member of the board of CSA Chile. He has conducted information security courses, speeches, workshops and forums in different institutions, universities and events in Chile and throughout Latin America.

    Daniel Diniz
    Daniel Diniz, CISSP (Brazil)

    Information Security Officer, MAC

    Daniel Diniz has worked in information security, auditing and related disciplines for the Brazilian government and within the Brazilian information technology services sector for more than 15 years. He is currently information security officer at an engineering & construction company. He is part of the pioneering group of Brazilian CISSPs. He is a member of the (ISC)2 Latin American Advisory Board and volunteers as the head of Safe and Secure Online (SSO) Program committee in Brazil. Daniel is working hard to bring the SSO to his country to benefit Brazilian children and teens using the Internet.

    Geraldo Fonseca
    Geraldo Fonseca, CISSP (Brazil)

    Corporate Information Security Officer, ONS

    Geraldo Fonseca has 10+ years of experience as an Information Security Manager, working for such industries as energy, manufacturing, insurance and government. He holds a major degree in Computer Sciences in Catholic University of Rio de Janeiro (PUC-RJ) and has been a CISSP since 2008.

    Walmir Freitas
    Walmir Freitas, CISSP (Brazil)

    Managing Director, Accenture

    Walmir Freitas is currently Managing Director at Accenture with over 20 years of experience in Information Technology, including 18 years in Information Security, IT Governance, IT Auditing and Risk Management in Brazil and a global intra-company assignment to North America. Extensive experience in Consulting Services, including over 14 years in Deloitte and close to two years in EY. He was also CISO in Fidelity information Services (FIS) and IT Auditing and Internal Controls for Brazilian Mercantile & Futures Exchange (BM&F). Walmir holds the CISSP credential for over 15 years. Additionally, he holds other relevant certifications in the field of information security.

    Jefferson Gutierrez
    Jefferson Gutierrez, CISSP (Colombia)

    Manager, Risk Consulting, KPMG Advisory Services Ltda

    Jefferson Gutierrez is currently in charge of the Information Protection Advisory Services for KPMG’s practice in Colombia, where he is responsible for overseeing information security engagements, including vulnerability assessments, risk analysis, security audits, secure infrastructure design, forensic analysis and corporate policy review & development. He is a professional focused on risk management and information security governance with hands-on experience in risk analysis, security audits, corporate policy review & development, information security architecture review and design, vulnerability assessments, ethical hacking and ISO/IEC 17799:2005 compliance engagements.

    Nelson Novaes
    Nelson Novaes, CISSP, CISM, CBCP, ITIL, MBA (Brazil)

    Superintendent, Holding Itaú Unibanco S.A

    Nelson Novaes Neto is an entrepreneur, engineer, holds postgraduate in InfoSec by University of São Paulo, MBA by FGV and Master’s degree in Experimental Psychology by PUC/SP. He has broad experience in internet industry, product development, internet security and research. He also has several international certifications. He is a superintendent at Holding Itaú Unibanco S.A, the largest financial conglomerate in LATAM and present in more than 25 countries. For over a decade, Novaes was CSO of UOL Group, the biggest online service and Internet service provider in LATAM.

    Ramiro Rodrigues
    Ramiro Rodrigues, CISSP (Brazil)

    Chief Information Security Officer, Experian Latin America

    Ramiro Rodrigues is the Chief Security Officer for Experian Serasa Latin America. Formerly Chief Information Security Officer at DocuSign Latin America also former Chief Security Officer for BT- British Telecom Latin America. With more than 15 years of experience in risk management, compliance, internal controls, cyber security and corporate security. Experience in information security with managerial and hands-on expertise in security technologies, process, policies and architecture to protect complex business digital assets. Responsible for the overall company security and risk posture – both internally as well as customers facing by creating value and delivering trust to online business

    Ezequiel M. Sallis
    Ezequiel M. Sallis, CISSP, CEH, MBCI, QCS (Argentina)

    Senior Information Security Specialist, Root-Secure Director

    Ezequiel Sallis is currently a director at Root-Secure, where he is in charge of the research and development, specifically, innovation in education and services orientated on information security. With over 10 years of experience, Mr. Sallis is an instructor for various international certifications in Latin America and has carried out many consultancy projects related to the ISO 27000 family of standards, with the Security Analysis (Vulnerability Assessment, Penetration Test and Ethical Hacking). He is currently Vice President of the ISSA chapter in Buenos Aires Argentina and is co-author of Ethical Hacking - a Methodological Focus for Professionals. He provides free security awareness sessions for school-age children and their families.

OK