KIERAN UPADRASTA CISSP, CISM, CRISC                                                                                                                     

Kieran Upadrasta, CISSP is the CISO, and the founder, Director of Cyber Artificial Intelligence Systems. He is a cyber security architect, Information security consultant, InfoSec Researcher. He is a CISSP, CISM, CRISC qualified. Policy Advisor, Expert Witness. University Gold Medallist.

Mr. Upadrasta was also a former engineer in the Air Force Information Warfare Unit. Cyber Defence taskforce member.

Mr. Upadrasta has over 26 years’ experience of business analysis, consulting, technical security strategy, architecture, governance, security analysis, threat assessments and risk management. 26 years’ Cyber Security experience with big 4 consulting firms. 20 years worked in Financial and Banking industry. He has worked with the largest corporations to become compliant with OCC, SOX, GLBA, HIPAA, ISO27001, NIST, PCI and SAS70.

 

Mr. Upadrasta has consulted for several Fortune 500 companies., including Banking, Financial, Insurance, defence and aerospace clients. His competencies range from setting up risk management programs and developing enterprise network security architectures to constructing enterprise-wide security programs that connects computer security and business needs in a synergistic manner.

Mr Upadrasta was the lead author of a prize-winning research paper, widely published in the field of Artificial Intelligence (AI) and Cyber Security. Having published over 100 papers in peer-reviewed journals, and presented or lectured research papers at nearly 100 national and international meetings, Mr Upadrasta is strongly invested in the pioneering research which will bring new hope to next generation Artificial Intelligence (AI) and Cyber Security.

Expert in Business Continuity planning (BCP) and Management, Resilience, Disaster recovery planning (DRP), Incident response, Crises management, Critical and Major Incident Management (MiM), Stakeholder engagement, mapping requirements and management. Specialised in the following areas: -

A computer with a person's face on the screen

Description automatically generated with medium confidence

                  

• Governance, IT Auditing - Policy, Legal, Regulatory Compliance, Investigations, forensics, COBIT, Archer eGRC, PCIDSS, GDPR, Data protection, SOX

• Policy, Standards, Framework, Audits – ISO27001, SAS 70, NIST, COBIT, Smart city Reviews, BCP, DRP, HIPAA, PCIDSS, SOC2

• Risk management -SARA, SPRINT, IRAM

• Threat management - Arbor SP Peakflow, Forefront TMS, DDOS mitigations, Akamai Kona defender, Siteshield, Threat modelling, Threat hunting, Intel

• Vulnerabilities management -Qualys, Tenable Nessus, Foundstone

• Strategic Planning, Security architecture - HLD & LLD creation, Enterprise architecture – SABSA, TOGAF

  Identity and Access Management IAM- AD, Azure AD, Okta

 

  Privileged Access Management (PAM): CyberArk, BeyondTrust, Thycotic, Centrify, Lieberman, Broadcom Symantec CA PAM, SailPoint IGA

• Data loss and fraud prevention - Symantec DLP, Advanced Persistent Threat APT, User Behavior Analytics UBA

• Cybersecurity Platforms: CrowdStrike, Palo Alto Networks, SentinelOne, M365 Defender, Falcon Sensors, McAfee, Symantec, Carbon Black, Fortinet, FireEye, Cylance, MITRE ATT&CK Framework, Endpoint & Cloud Protection, Detection, And Response (EDR), Falcon X, Breach Prevention, Vulnerability Management, Threat Hunting, Zero Trust, Container Security, NGAV, Device Control, Firewall Management, Artificial Intelligence, Automation

• Cloud platforms -AWS, Azure, Google Cloud Platform (GCP) & Cloud technologies

• Automation - Ansible, Kubernetes, Docker,Terraform, Jenkins, Python

•Management – Projects, Engineering and Security operations

SIEM : Arcsight ESM, Qradar, Splunk, LogRhythm, RSA Security Analytics, Envision

• Firewalls, IDS, IPS - Checkpoint, McAfee, Cisco, Juniper, ISS, Snort, Sourcefire, Web Application Firewall WAF

• Encryptions, Vpns, IPsec, PKI, Endpoints - Safe boot, Pointsec, CrowdStrike

• Proxies, Content filtering - Bluecoat, Zscaler, Finjan, Ironport

• Agile, Prince2, DevOps, DevSecOps

• Past work experience with quite few international security agencies.           

• Past work experience with Financial Conduct Authority FCA, Prudential Regulation Authority PRA

Qualified: CISM, CRISC, CISSP, CyberArk Certified, CCSE, CCSP, CCNA Security, JNCIS-FWV, MBA and BEng