A member of KMPG’s Information Protection team focused on transformation and implementation of cyber capabilities. He acted as the Americas lead for industrial control system security services, developed and delivered software security and secure development programs, and led innovation programs for cyber security, including data analytics for cyber. Gavin served as the global lead architect for KPMG’s RSA Archer eGRC deployments and leader of the US Center of Excellence for IT-GRC and Unified IT Compliance.
Leader of Cyber Defense team within KPMG's industry-leading Cyber Services group. Current areas of focus include insider threat programs; threat data-driven risk context reporting; next generation security architecture following the disappearance of endpoint and network controls; gaining value from enterprise GRC investment; secure development, software assurance, and systems engineering; industrial control security transformation, focusing on operational technology protection; identity and access management strategy and implementation embracing user analytics, federation, and attribute based access control; developing security analytics programs.