CyberStrategy

This website is about cybersecurity strategy, governance and transformation. We provide guidance for security managers, officers and architects in areas of cybersecurity, simplicity and leadership.

Our Focus Areas

Strategy

We describe strategies, components, trends and solutions that will help you to protect critical assets of your organization.

Simplicity

We believe in simplicity – lean and agile approaches to managing security risks. Simple frameworks and security programs.

Leadership

We focus on efficient techniques to manage your security transformation and influence the world around you.

About the Author

Marcin helps organizations to assess cybersecurity capabilities and define agile and lean security strategies adapted to the requirements of the future. He has 18 years of experience in information security management, data protection, and change management. Previously, he worked for Deloitte and was responsible for cybersecurity governance, strategy, and transformation services in Central Europe. He helped assess or define cybersecurity strategies for 14 organizations and led more than 30 information security projects covering cybersecurity governance, IT security audits, access management, vendor risk management, and cloud security. He also worked as Security Manager and Chief Information Security Officer, helping businesses to secure their critical assets. Marcin holds CISA and CISM certifications.

Selected Experience

Strategy
Led Cyber Strategy, Governance and Transformation service
Built a community of partners, directors, and managers from 18 countries in the CE region around the Cyber Strategy, Governance and Transformation service to standardize and improve service delivery at Deloitte.
Cybersecurity strategies
Optimized security functions in multiple industries by coordinating more than 15 projects to develop cybersecurity strategies. They covered business context and threat landscape review, current state assessment, target state design including security architecture, strategy definition and board / C-Level presentations.
Data protection strategy
Optimized data protection capability by developing a data protection strategy for a Swiss bank to ensure alignment with business objectives and the regulatory landscape and to allow usage of modern technologies.

Frameworks
ISO 27001
Optimized security governance by implementing a comprehensive security framework based on ISO 27001 in a BPO company. Extended the framework to 3 additional entities and 5 locations in the following years.
Governance framework
Established a security governance framework, based on COBIT, NIST and ISO 27001, for an automotive company operating in over 30 countries.
Security improvements
Increased the value of a retail company by coordinating the project to design multiple security processes. They covered risk management, business continuity, identity and access management and supplier security.

Privacy
GDPR assessment
Minimized regulatory risk for the largest bank in Poland by coordinating a GDPR assessment project (4 legal entities) executed by an interdisciplinary team.
GDPR implementation
Led a project that helped to implement compliance with GDPR in one of the international banks in Poland.
GDPR trainings
Conducted a series of training sessions regarding implementation of a data privacy framework for managers working in a manufacturing company that operates in more than 100 countries.
Data protection framework
Achieved compliance with data privacy requirements by building and maintaining a data protection framework and establishing strict cooperation with clients and local regulatory bodies in a BPO company.

Assessments
Cybersecurity audits
Executed cybersecurity audits in one of the Swiss banks.
Senior IT Audit Manager
Acted as interim Senior IT Audit Manager in an international bank. Managed audits in the areas of application security, network infrastructure and selected regulatory requirements.
Third party reviews
Managed third party risks by conducting multiple security audits and defining recommendations for third party suppliers in the EMEA region.
Security reviews
Coordinated or executed more than 30 security assessments of cybersecurity capabilities in multiple organizations in Europe.