Job Title: Senior Manager - Cyber Security & Data Privacy
Gareth leads the PwC Data Privacy and Cyber Security team in the North Risk Assurance practice. He has 10 years’ experience in the field of data protection and cyber security across industry and the public sector. Gareth is a former Information Commissioner’s Office (ICO) Data Protection Audit Leader. Gareth has in depth working knowledge and experience of the UK Data Protection Act 1998 / GDPR, ISO 27001 and many supporting industry information security standards such as the Cyber Essentials Scheme, HMG Security Policy Framework, CESG guidelines, and PCI DSS compliance. Since joining PwC in 2014 Gareth has led the delivery of a significant number of data protection and cyber security related projects including engagements around GDPR assessments, privacy impact assessments, cyber strategy and policy development, Threat and Vulnerability Management and cyber crisis management. Gareth also delivers data protection and cyber security training sessions. Gareth is PwC's Regional subject matter expert on GDPR and the international standard for information security - ISO 27001:2013 and he has successfully implemented eight accredited certified ISO 27001 information security management systems for companies varying in size from FTSE100 to SME’s. Gareth has a wealth of experience specifically within transport, financial services, retail, and health, with significant projects including: an interim CISO secondment, GDPR and cyber strategy development for a FTSE retail giant, cyber security GRC framework implementation for a building society, and development of a cyber security training programme for a telecommunications company to name a few.