GDPR and Privacy Veterans Add New Expertise and Consulting Services
WASHINGTON – October 9, 2018 — The Digital Risk Management Institute (DRM Institute), a not-for-profit organization formed to identify and communicate best practices for managing digital business risk, today announced new board members and an increasing emphasis on providing General Data Protection Regulation (GDPR) expert readiness information and advisory services.
Responding to increasing demand for guidance on GDPR compliance, the new leadership team reflects the DRM Institute’s recognition of the need to use sound digital risk management process and methodologies to address and satisfy GDPR requirements.
The Institute announced the appointment of David Morris as Executive Director. Morris oversees the DRM Institute’s mission to define a decision-making framework that creates and sustains business value by balancing the need to protect the organization with the need to run the business. He recently broadened the role of the DRM Institute to provide highly complementary GDPR consulting services as US organizations prepare for GDPR.
Charles Ambuhl has been appointed President and is an expert in helping U.S. businesses understand and prepare for the implications of GDPR. Ambuhl has designed and implemented innovative approaches to performance measurement, benchmarking, and alignment of technology for increased effectiveness among people, processes and technologies and brings that expertise to enhance the analysis of digital risk.
Juanita Koilpillai has transitioned from her role as President of the DRM Institute to its Chief Technical Advisor where she will apply her deep cyber security knowledge to help organizations improve the security of their operations with the appropriate processes and technologies. Koilpillai is also the founder and CEO of Waverley Labs, a leading independent digital risk management company specializing in the development and deployment of Software Defined Perimeters.
Mark Rasch serves as Chief Legal Compliance Officer and is a leading privacy expert. His career spans more than 25 years of corporate and government cybersecurity, computer privacy, regulatory compliance, probabilistic risk assessment, resilience, computer forensics and incident response.
In addition, the Institute announced Ian West as a Charter Member. West is the founding member of the Swiss-based GDPR Institut, which is the leading organization focused on providing GDPR guidance and educational materials. Described as the Godfather of GDPR. West has provided guidance to the EU Parliament on crafting and commenting on the GDPR regulation.
“GDPR compliance has moved to the forefront of digital risk management issues globally and we have adjusted the scope and capabilities of the DRM Institute accordingly,” said Morris. “The team we have assembled is unmatched in the scope and depth of cyber security, GDPR and privacy expertise. I look forward to reporting on our progress and I encourage you to check out our blogs, webinars, and consulting services.”
In June, the DRM Institute launched the “GDRP Practice” a new service providing GDPR expert readiness information and consultation in alliance with the GDPR Institut. The mission of the GDPR Practice is to guide organizations through the necessary steps to be in a GDPR defensible position. It features the ability to request a free consultation with a GDPR expert providing you the opportunity to have a dialogue on your specific GDPR related issues and queries and to ask any questions you wish.
DRM Institute provides a practical, analytical discipline for managing digital risk from a business perspective, by enabling business and technology leaders and their security partners to collaborate on business aligned decisions.
The DRM Institute provides a framework for managing risk across various functions by relying on the quantification of the business impact of digital risk. This enables business leaders to understand the risk profile of their operations and for the organization as a whole to make risk mitigation decisions based on the level of operational and financial risk.