Interview with Mr. Eugenio Maiolo – Principal Consultant at Trusted Impact Pty Ltd.
1. What kind of work does your company do?
TrustedImpact is an independent cyber security consulting company based in South Melbourne, Australia. It was created in 2006 and has since worked with 275+ clients across various industries including government, financial institutions, healthcare and education. We have a singular focus in information security. TrustedImpact helps enterprises improve performance by helping to identify and understand the important technology, people, and process trade-offs required to find a unique balance that reflects its strategy, operations, customers, suppliers and partners. We’re an independent consultancy focused on the best interests and objectives of our clients, we are leveraging experienced professionals – credentials, not checklists. Our business model means that we are focused on achieving your outcome, rather than determining how or if a technology might be used like other product-centric companies. We have no financial affiliation with any hardware or software vendor. Our business model is about achieving your objectives – not achieving the objective of (ultimately) reselling partner technologies.
Information and the systems that process it are among the most valuable assets of any organisation. The adequate security of these assets is a fundamental necessity.
TrustedImpact helps enterprises improve performance by helping to identify and understand the important technology, people, and process trade-offs required to find a unique balance that reflects its strategy, operations, customers, suppliers and partners.
As illustrated in the following graphic, TrustedImpact has an intentionally narrow focus just in information security – our business model is about leveraging experienced specialists who have deep expertise across all elements of information security. These elements range from having deep technical knowledge through to understanding the broader issues of security strategy and business risk.
2. What makes your service provision special or unique?
TrustedImpact has a singular focus in information security. We are SPECIALISTS in information security, not generalists in Information Technology, networking or other disciplines such as auditing. It is all we do, and because of that, we bring unparalleled experience and expertise to bear on our client’s information security issues. With this focused approach, TrustedImpact has grown from a ‘standing start’ a decade ago to become one of Australia’s leading firms in the industry. Our business model is about leveraging experienced specialists who have deep expertise across all elements of information security. These elements range from having deep technical knowledge through to understanding the broader issues of security strategy and business risk.
3. Can you tell us a little about your team and their backgrounds?
Our firm is comprised of a powerful team of consultants with a wealth of expertise ranging from security strategy to highly specialised technical skills. Security is all we do and because of this, we bring a wealth of experience to bear on your complex information security challenges.
Tom Crampton has over 25 years of management consulting experience gained in the United States, Australia and Asia. Previously a VP of the international consultancy, A.T. Kearney, he also has held senior management P&L roles with Telstra / KAZ, American Management Systems and Solution 6. His early consulting career began with Deloitte & Touche.
Demetrios Stoupas with over 25 years of IT experience, Demetrios has provided IT Security-related solutions to a broad range of organisations across multiple industries such as Finance, Superannuation, Health and Manufacturing. He has worked for large multinationals such as Trend Micro and Memorex Telex.
Darren Arnott has over 20 years’ experience in network and systems administration and security, working across a broad range of industries including retail, finance, consulting, NGOs and Local Government. During this time, he has worked with a wide spectrum of systems and technologies; having a passion for technology and IT security he maintains a deep knowledge of current security threats, procedures and risk.
Sairam Jetty is a senior consultant with nearly 10 years of experience in technical security. His skills range from Web/Mobile Application Security, Network Penetration Testing, Secure Code Review, SCADA/ICS Security, Reverse Engineering, Malware Analysis, Incident Response, Digital Forensics, Vulnerability Management/Tracking/Remediation, Wireless Security, Shell/Bash Scripting, etc. and is the author of the “Network Scanning Cookbook: Practical network security Nmap and Nessus 7”.
Jim Karvounaris is a senior executive with over 30 years of experience in risk, security and technology. He has extensive experience working in both the private and public sectors. Positions held in the private sector range from the Head of Information Security for the ANZ Banking Group Limited, CIO for Asia/Pacific based in Asia, to Project Manager for a major initiative ($120m) to transform the international banking systems, and the Head of Technology for Payments (processing $140 billion worth per day). Positions held in the public sector include Strategic Adviser at the Department of Justice and Project Director at the Victorian Commission for Gambling and Liquor Regulation.
Ed Latter is our new Regional Manager for NSW, with over 8 years’ experience working in the IT Industry and over 15 years in Sales. Having consulted with most verticals across Enterprise, Government Departments and the Financial sector on both the protection and detection sides of Information Security, Ed has been witness to the rapid growth and sophistication of Cyber Security mechanisms and Compliance Legislation in Australia which is constantly evolving to keep up with the ever growing threats posed by Cyber Criminals.
Genio Maiolo is a skilled and experienced Information Security, Cyber Security, Governance & Risk Professional, with over 20 years of experience in technology, consulting, audit and management across a diverse set of industries. He has coordinated and managed the development of enterprise security management and governance systems, instigated strategic change to audit and controls assessment methodologies, managed the transition, implementation and maintenance of resilient and robust IT security controls frameworks, scalable IT infrastructure, and business critical recovery environments.
Geoff Rasmussen has over 20 years’ experience in the IT industry. He has an extensive background in software development but has filled most IT roles including Systems Administrator, Network Security, DBA & Business Analyst. Geoff is a hands-on technology specialist with a passion for information security, mobile computing, 802.11 security, data and forensic analysis. He has a thorough knowledge and understanding of security risks associated with enterprise and web applications working for a range of client organisations.
Charline Quarre Young and dynamic, Charline studied a Bachelor’s in History at the University of Toulouse and a Master’s in Strategic Studies, Security and Defence policies at HEIP Paris. After her first experience at the Department of Home Affairs in France, she relocated to Australia and joined the TrustedImpact team.
4. How has BeST added value/supported your service provision?
At TrustedImpact, we noticed that while many organisations are able to detect activity across their systems, many fail to plan how to respond to something nefarious happening. There are three things to remember when it comes to incident response planning:
- Incidents are inevitable but becoming a headline isn’t.
- Having a plan makes the difference between becoming a headline or not.
- However, real success lies in TESTING and EXERCISING your plan regularly.
Our TrustedResponse tool (BeST x TrustedImpact) allows us to: create Incident Response Plans for clients, import existing Incident Response Plans for clients, test and improve their plans via simulated scenarios, extract analytics (expected vs reality) , and asist clients in exercising their plans regularly.
Our partnership with BeST allows us to combine craftmanship with leading tools to create the best outcomes!
5. What would you like everyone to know about your company?
We are Australian, Small, Niche, Deep skillset in cyber security consulting.
We are nimble and focused on delivering value-based outcomes for our clients and all our work is local, not off-shore.