Luciano Moreira da Cruz

Promote this Nomination

Additional Info

Job title of nominated professional (or team name)Cybersecurity Practice Unit Manager
Company (where nominated professional or team is working)Baufest
Company size (employees)450

In 3 bullets, summarize why this professional or team deserves recognition:

Recognized Cloud Computing Security and Security researcher in Argentina and South America.

Active in professional societies:
• ISACA/ADACSI - academic Committee for E-gisart and Ciber events.
• ISSA (Information Systems Security Association) Argentina - Active member
• CSA Argentina Chapter Vice-president - Luciano has done a great job in growing the CSA's presence in Argentina and developing partnerships with other information security organizations
• Cloud Standards Customer Council - associate member for workgroups (Financial Services, Government, Security, Practical Guide to Cloud Computing, XaaS, Big Data)
• IEEE – Member of Scientific Committee on cyber security and cyber defense in the IEEE Argencon 2016

Luciano is a welcome guest and speaker at numerous cloud and security events and training

Brief Overview

Entrepreneur, coach and consultant in Information Security and Compliance. Luciano has experience in Information Security and Information Technology with expertise in Business Continuity and Cloud Computing Security.
Luciano has been working with Information Technology and Security in the past years in a dozens of projects in all security layers. Responsible for design, implementation and management of projects with activities like risk analysis, gap analysis, compliance, security policies development, disaster recovery, business continuity plan and network security.
Define and implement controls to compliance with SOX, PCI, and ISO 27000.
Support the compliance of laws and standards: Law Protection of Personal Data, Law of Computer crime, PCI-DSS. Adequacy of processes related to the treatment of sensitive and/or confidential information.
In addition to his job as consultant, he also has been working to develop and promote the Information Security to Argentina and South America through activities realized with associations like CSA, ISACA/ADACSI, Owasp, Cloud Standards Customer Council, etc…

Specialties: 15+ years of Corporate and IT/IS experience, including:

• Solid knowledge and experience in projects related to the implementation and improvement of a quality management systems and information security
• Knowledge in auditing and monitoring of compliance with standards and national and international standards
• Solid knowledge in Security on Microsoft technology
• Certified as a Lead Auditor ISO/IEC 27001:2005/2013
• Certified Cybersecurity for Industrial Control Systems – US Department of Homeland Security
• Certified Operational Security (OPSEC) for Control Systems – US Department of Homeland Security
• Certified Insiders’ Guide to PCI DSS v3.0
• Certified Integrator in Secure Cloud Services
• Information Security Governance
• Cloud Computing Security
• IT Risk Management & Audit
• Cyber Risk Strategy & Management
• Data Privacy & Protection
• Cybersecurity Awareness for Boards