Dr Rich Diston is one of the most qualified security risk practitioners on the planet. He holds (or has held)

  • MSc in Security Management (distinction)
  • Professional Doctorate in Security Risk
  • Certified Information Security Systems Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified in Risk to Information Systems (CRISC)
  • Certified in Governance for Enterprise IT (CGEIT)
  • Certified in Information Systems Audit (CISA)
  • Certified Data Securoty Privacy Engineer (exam passed) (CDPSE)
  • Security+
  • ISO 27001 Lead Implementer
  • ISO 27001 Lead Auditor
  • ITIL Foundation
  • VeriSM Foundation
  • …and a bunch of other stuff

I am passionate about the security industry, and am a vocal advocate for the development of the sector. I care about the people who ‘do’ security and feel that there is not enough focus on their needs. Too often, I feel that security people are preyed upon by membership organisations and training bodies who are selling them a false dream of security ‘becoming a profession’.

You can probably tell that I have an unconventional approach that often puts me at odds with ‘the security establishment’ but I am perfectly comfortable with that. I don’t genuinely give much of a shit about the uninformed opinions of ‘security experts’, and I refuse to toe their line just to appear to be ‘nice’. I have been described as ‘the straight edge against which a crooked industry is measured’ which speaks to my honesty, integrity and ethics.

If you need informed advice for your organisation or for your career, I am available to help. That is what this Real Security Doctor thing is all about.