LLB, MS, PhD

Position

Teaching areas

Information Security, Security Governance, Ethical Hacking, Networks, Business, IT and legal alignment for security standards, Cyber Law, Data Sovereignty

Contact details

Biography

Rizwan Ahmad is a Senior Lecturer at Manukau Institute of Technology since 2013 and is a major contributor to the field of information security and cloud governance. 

He has more than 15 years of experience in security governance supported by his legal expertise. He is a committee member for ISO Security Standards JTC SC 27 New Zealand Standards and represents MIT in Joint Committee Australia and New Zealand of IT governance IT-030. 

Rizwan is an expert information security consultant specializing in ISO 27001, PCI DSS and enterprise security governance. Previously, Rizwan was Chairperson for the Cloud Data Governance research team of Cloud Security Alliance Global. He is also the founder and past CEO of the Cloud Security Alliance New Zealand Chapter. He has contributed research in the field of cloud security by working with international teams of Cloud Security Alliance and designing security controls. He has been involved in global research with Object Management Group, International Telecommunication Union, Common Assurance Maturity Model and Cloud Security Alliance.

Publications

• Samaras, V.; Daskapan, S.; Ahmad, R.; Ray, S.K., "An enterprise security architecture for accessing SaaS cloud services with BYOD," in Telecommunication Networks and Applications Conference (ATNAC), 2014 Australasian , vol., no., pp.129-134, 26-28 Nov. 2014 URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7020886&isnumber=7020854
• Ahmad, R.; Janczewski, L., "Governance Life Cycle Framework for Managing Security in Public Cloud: From User Perspective," in Cloud Computing (CLOUD), 2011 IEEE International Conference on , vol., no., pp.372-379, 4-9 July 2011 URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6008732&isnumber=6008659
• Ahmad, Rizwan, and Lech Janczewski. "Triangulation theory: an approach to mitigate governance risks in clouds “ , 2^nd IEEE Conference on Cloud Computing Technology and Science, November 30 -2 December 2010. http://salsahpc.indiana.edu/CloudCom2010/Poster/cloudcom2010_submission_153.pdf
• Ahmad, Rizwan and Gutiérrez, Jairo A., "A Cloud Computing Encapsulated Layer for Security and Availability" (2010). CONF-IRM 2010 Proceedings. Paper 17. http://aisel.aisnet.org/confirm2010/17

Scholarly activities

Important positions held with research portfolio

• Chairperson Cloud Security Alliance Data Governance (World) group in 2014
• Founder and Former CEO of Cloud Security Alliance New Zealand Chapter

Industry guidance publications world

• Cloud Security Alliance
  • Cloud Control Matrix version 1.2, Cloud Security Alliance
  • Cloud Assessment Initiative Questionnaire, Version 1.1, Cloud Audit Group, Cloud Security Alliance.
• Conjoint Publication White Paper Italian and New Zealand Chapter
  • BYOD: a next step forward for the IT revolution started with Cloud: Considerations from the point of view of data protection and monitoring of workers, available at http://cloudsecurityalliance.it/wp-content/uploads/2013/12/Studio-BYOD_Dic2013_EN.pdf
• Publications for New Zealand Market
  • Mapping NZISM on Cloud Control Matrix. https://chapters.cloudsecurityalliance.org/newzealand/research/
  • Risk Assessment for Privacy paper for Privacy Commissioner New Zealand https://chapters.cloudsecurityalliance.org/newzealand/files/2012/05/NZCSA-to-privacy-commissioner-23-February.pdf
• International Telecommunication Union
  • International Telecommunication Union (ITU) 2012. ITU-T Focus Group on Cloud Computing Technical Report – Part 5: Cloud security, Version 1.0. [Online]. Available: http://www.itu.int/en/ITU-T/focusgroups/cloud/Documents/FG-coud-technical-report.zip
• Cloud Consumer Council
  • Moving in the Cloud
  • SLAs in the Cloud Version 1
  • SLAs in Cloud Computing Version 2
• New Zealand Standards
  • Active contributor to ISO 27017 standard for cloud security

Awards and grants

• Recipient of PhD Scholarship
• Honorary Member of Beta, Gamma, Sigma

Industry activities

• Conference speaker New Zealand
  • Speaker at breakfast meeting New Zealand Information Security Forum (NZISF) February 2011
  • Speaker at Cloud Services and Security Summit Auckland, May 2011
  • Speaker at NZ Cloud Computing Summit 2012 Masterclass: Overcoming security and reliability
  • Speaker at Evolve Conference Trend Micro August 2012
  • Speaker delivering Concepts of Sovereignty and Cloud user rights: Introducing four elements to secure the Cloud User in cloud computing at New Zealand Information Security Forum (NZISF), 2014
  • Speaker Delivering “Sovereignty of Data in the Cloud: Case for Data Bill of Rights” at IEEE Webinar
• In news
  • Heading up into the cloud Paul Matthews, IITP Chief Executive. 30 September 2011, 1:36 pm http://techblog.nz/200-headingupintothecloud
  • NZ segment of Cloud Security Alliance calls for transparency, security http://www.computerworld.co.nz/article/524392/nz_segment_cloud_security_alliance_calls_transparency_security/
• Industry certifications
  • PCIP
  • PCI QSA
  • ISO 27001 Lead Auditor
  • ISO 27001 Master Auditor for Management Systems
  • ISO 29100 Privacy Lead Implementer
  • Lead Penetration Testing Professional

Memberships and affiliations

• Member ISO 27000 SC 27 Committee New Zealand Standards
• Member ISO 3850 IT-030 Joint Committee New Zealand and Australian Standards
• Member Cloud Consumer Council
• Member IEEE 2302 Standard for Adaptive Management of Cloud Computing
• Honorary Member Beta, Gamma and Sigma
• Member New Zealand Security Forum

Back to profile list