PhD (Computer Science and Informatics), CISSP, SIEEE
With my international experience in information security, software development, risk management, innovation and standards, and security transformation, my current interest concentrates on the practice of managing the relationship between risk and trust in the environment rich in communications mediated by the ICT (information and communication technologies).
I approach this problem from the perspective of risk management that seriously take into account the existence of trust and its impact on risk and risk assessment. The application area is very wide: compliance, business proces outsourcing, privacy, identity governance, cloud computing, open source software, collaborative development, security assurance - these are some of the areas where risk and trust have to be jointly analysed. While my interest covers all stages of the lifecycle of information systems (as well as various aspects of social and personal trust) I tend to focus on desing requirements.