Privacy Consultant. Keynote Speaker.
The Nerd With Trust Issues
Fifteen years in privacy and cybersecurity, ten years on stage, and one 2013 identity theft that made all of it personal.
Fifteen years in privacy and cybersecurity, ten years on stage, and one 2013 identity theft that made all of it personal.
Two decades of technology built the foundation: call desk, network architecture, programming (rapidly and regrettably in Java), then early cloud infrastructure, doing the work that later became known as DevOps before anyone had named it. From there into leadership, running product, engineering, technology, and support divisions globally for SaaS companies. Throughout, the consistent role was the same: bridge-builder. The person who translates between what technology actually does and what the people around it need to understand.
In 2013, two separate incidents made the stakes personal. The first was a lesson in how data outlasts the systems meant to protect it: documents from a previous employer, years old, disposed of carelessly. Someone who knew what to look for found them. Ross's identity was stolen. The second involved someone who had secured employment at a different organization under a false identity, used that access to enter a server room during routine maintenance, and walked out with hardware. Neither attack was technically sophisticated. Both succeeded because the gap between policy and practice was wider than anyone had admitted.
That same year, South Africa introduced POPIA, its first comprehensive privacy legislation. Ross was already in those rooms, sitting on information security committees bridging legal requirements and technical reality. The move into privacy was not a career change. It was where the bridge had been pointing the whole time.
The certifications followed with intention: CIPP/E in privacy, ethical hacking, paralegal practice. Not credentials for their own sake, but capabilities built specifically to read the contracts, understand the attack surface, and speak both languages. South Africa is where the pivot started. Toronto is where it landed. The work is now global.
Two decades building, managing, and advising on technology systems across industries. The consulting and speaking work sit on top of a technology foundation, not alongside it.
Specializing in privacy program development, cybersecurity advisory, and governance since before most organizations had heard of GDPR. Covering PIPEDA, Quebec's Law 25, and international privacy frameworks, because most organizations are dealing with more than one regulatory requirement at once.
See advisory services →Keynotes and workshops across Canada and internationally, for consumer audiences, corporate leadership teams, and technical practitioners. The talks come from the same work, not a separate curriculum.
See the keynotes →Coverage across Canada, South Africa, and internationally.
Certified Information Privacy Professional (Europe), issued by the International Association of Privacy Professionals (IAPP). A globally recognized privacy certification for practitioners working with European and international data protection frameworks.
Master of Science in Management of Technology and Innovation, Davinci Institute, Cum Laude, President's Award. Certificate in Paralegal Practice, University of Cape Town. Demonstrated knowledge in ethical hacking and security assessment.
International Association of Privacy Professionals (IAPP) Professional Member and former KnowledgeNet Co-Chair. Canadian Association of Professional Speakers (CAPS) Professional Member and National Board of Directors. Past-President, Professional Speakers Association of Southern Africa (PSASA).
Whether you need a speaker for your next event or a privacy and cybersecurity advisor for your organization, the first step is the same.