CISSP, CISM, ISO 27001 sLI, CC, SC-900
CISSP, CISM, ISO 27001 sLI, CC, SC-900
Embedded Files
Lucas is a global cybersecurity leader with 14+ years of experience designing, leading, and scaling programs for multinational organizations.
A former PwC Manager, Fulbright Scholar, Carnegie Mellon alumni, and Ex-Accenture, he has led global teams and initiatives across crypto, banking, government, insurance, PSPs, logistics, regulators, energy, entertainment, hospitality, food & beverage, automotive, retail, petroleum, and real estate.
Trained by FBI, INTERPOL, OAS, CERT, and ISO, he has openly shared his knowledge training +1,000 professionals across several countries.
A Fulbright scholar with a Master of Science degree in Information Security Policy and Management at Carnegie Mellon University (Highest distinction) and a Master of Science degree in Information Security at the University of Buenos Aires (Class rank 1st).
Lucas has created 4 cyber ISO standards and served as the ISO National expert for Argentina and Malta on ISO's Information Security, Cybersecurity, and Privacy Protection subcommittee (ISO/IEC JTC 1/SC 27), as well as Secretary of Argentina's ISO mirror subcommittee.
Lucas blends deep technical and governance expertise with business acumen. His work spans cyber governance frameworks, cybersecurity audits, maturity and risk assessments, eGRC implementations, security awareness programs, applied research, and the development of international standards—supporting private sector, government, and NGOs across the US, Europe, and Latin America for +14 years. Learn more.
5 things you need to know about the new version of ISO 27001
Changes to the standard are significant. Therefore, performing a gap analysis against the new ISO 27001 version will help you understand where you are in your organisation's cyber maturity journey. Creating your Cyber Strategic roadmap is crucial to address this transition.
Still have some questions? Just share them with me - I’ll be happy to address them. Stay tuned for more updates on the ISO 27001 standard series!
Partnering with the Software Engineering Institute at Carnegie Mellon University, we devised a novel Cyber Risk method combining FAIR, MITRE, OCTAVE, CMMC, NIST CSF, and NIST SP 800-53 frameworks.
The main objective is to provide CISOs with a concise and express control impact prioritization strategy for Cyber Risks. CISOs will optimize their security strategy based on their custom main constraints (e.g. budget, risks, compliance requirements, threat environment). CISOs will also be able to quickly justify their budget and investments to executives.
Working with Prof. Alessandro Acquisti we researched how data breaches affect users' and organizations' security and privacy. Our main objective was to verify the existence of the gap and gauge it by analyzing subjects' privacy awareness, behavior, and attitude discrepancies.
The project goal is to improve the usability of well-known information risk frameworks. Focusing on how to build security management systems based on a maturity model that centralizes the requirements and guidelines of risk frameworks. During the 2020 fall semester, I worked with a CMU advisor within an independent study to devise a Unified Cyber Risk Maturity Model.
Google Sites
Report abuse