I speak from live delivery, board reporting, regulatory change, and incident leadership. I situate privacy, data, and AI inside the wider risk landscape boards and executives actually manage.
My speaking work is grounded in delivery: operating models, board reporting, AI governance, regulatory uplift, financial services obligations, and incident response. I translate intersecting legal, risk, security, data, and operational complexity into clear judgment calls for senior audiences.
I brief boards and executive teams on cyber incidents, privacy enforcement, AI governance, regulatory exposure, and strategic risk posture, then turn those developments into decision frameworks leaders can use across the wider risk landscape.
I have led privacy response during live incidents where privacy, cyber security, fraud, financial crime, and regulatory notification obligations intersect, including governance over the proposed ingestion of externally compromised data for fraud and financial crime controls, ransomware-related third-party exposure, and multiple data breach investigations with board-level reporting.
Invited speaker on cross-border data governance and privacy compliance for corporate governance professionals across India and the Asia-Pacific region.
Delivered a webinar series on data protection and AI governance focused on the collision point between privacy regulation and emerging AI obligations.
Delivered a Brussels-based GDPR series for medtech audiences during a period of rapid regulatory change, translating legal obligations into practical governance and compliance steps for senior stakeholders.
Presented gap assessment findings and remediation roadmaps to clients across GDPR readiness engagements, translating assessment results into prioritised implementation plans for senior management teams.
I brief risk management committees on privacy and data risk in the context of wider regulatory obligations, including AML/CTF, APRA expectations, banking conduct obligations, insider trading controls, ring-fencing, internal fraud, control maturity, incident trends, and the decisions needed to keep governance moving.
I present to internal regulatory change groups on the operational impact of Privacy Act reform, Consumer Data Right developments, tranche-based regulatory change, APRA guidance, banking conduct expectations, and adjacent financial services obligations, and I participate in Australian Banking Association regulatory working groups shaping industry response.
I have taken privacy and data programs through multiple internal audits, including scrutiny from global audit teams, explaining control design, remediation evidence, and operating effectiveness under challenge.
I have participated in recurring global working groups reporting on the state of privacy and data risk, turning local delivery, control issues, and regulatory developments into clear updates for global stakeholders.
I brief executive and cross-functional teams on data governance, AI risk, and responsible use of data in regulated environments, including data lifecycle, automated decision-making, vendor AI risk, AI use-case approval, model training and ingestion questions, and board reporting on AI exposure.
I advise on privacy-by-design, retention terms, and disposal mechanisms for data products and contract analysis workflows, including how to build data lifecycle controls into the design before the tool reaches operation.
I advise on individual rights and data subject access request responses, including defensible search scope, exemptions, third-party data, privilege, proportionality, and how to respond under legal, regulatory, and customer-pressure conditions.
I brief teams on governance technology and privacy platform implementation, including OneTrust, Collibra, data mapping, workflow design, reporting, and how to make platforms support operating governance rather than become another compliance repository.
I guide teams through third-party data breach responses, helping legal, cyber security, technology, procurement, and business stakeholders understand exposure, evidence, notification risk, and remediation priorities.
I designed and run a monthly governance forum for senior stakeholders across legal, technology, risk, and business leadership to keep regulatory change, operational lessons, and program decisions moving in one room.
I build and deliver privacy training at every level, from general awareness for all staff to role-based sessions for high-risk teams, executive briefings, and Data Protection Officer-specific training.
I design capability frameworks that help organisations build privacy, data, and AI governance capability over time, connecting awareness, role-based skills, decision rights, escalation pathways, and executive education into one operating model.
I am available for board briefings, executive education, conference speaking, webinars, and private governance sessions on privacy, data, AI, cyber, regulatory, and operational risk.