Aura Information Security has appointed former GCSB's head of consultancy services Barry Brailey as its new principal security consultant. The role will see him take a leading role in managing security consulting engagements, contributing to management business plans and growing the company's consulting team.
Brailey comes to Aura Information Security from the Domain Name Commission, where he was manager of security policy. He also worked at the GCSB's National Cyber Security Centre as head of consultancy services.
He has been on the New Zealand internet Task Force board since 2009 and on the Information Security Awards NZ (iSANZ) Board since 2014.
Brailey has more than 15 years' experience in the industry, in areas such as security management and incident management, and in other areas such as international collaboration, intelligence-led operations, relationship management and strategic business development.
Peter Bailey, Aura Information Security's general manager, says that Brailey's experience in security would bring great value to the team and the expanding cybersecurity sector.
“Barry's invaluable experience in information security, coupled with his proven relationship management and leadership skills, will be hugely beneficial for developing our internal team and guiding strategic business direction,” Bailey says.
“As a result, we'll continue to ensure an unrivalled level of service for Aura Information Security clients. As Principal Security Consultant, Barry will be integral to Aura Information Security as we enter an exciting and critical period in cyber security. We're absolutely thrilled to have him on board," he continues.
Earlier this year the company hired Tom Moore as practice manager for its ANZ operations. Moore previously worked at Datacom, where he was a principal security consultant.
In May, Aura Information Security also released an online training tool designed to help New Zealand businesses minimise the risk of security breaches. The subscription-based tool is housed on an existing learning management system or on the customer's intranet.
“Aura was recently called upon to assist a critical infrastructure provider that had been targeted by CryptoLocker. Had their staff been through a security awareness course and, in particular, had they been able to spot a phishing email, they may have been able to avoid the negative impact the attack had on the business,” Bailey said at the time.
“In order for cyber security to become a part of the culture of an organisation, staff need to be involved – not just those in the IT department or senior management, everyone has a part to play,” Bailey concludes.