David Greenham

Vice President | CISSP, CCSP, CISM, CISA, QSA, SABSA SCF, ISO 27001 Lead Auditor Write to David Greenham
David Greenham

Experienced, diligent, analytical.

David Greenham’s commitment to delivering quality work and providing excellence in service is unmatched. With quiet dedication he ensures his clients are cared for and always goes the extra mile to help his colleagues find success.

David has been advising organizations on mitigating information security and cybersecurity risks for nearly 20 years. With extensive experience in leading security assessments and consulting engagements, David has become a trusted advisor in the areas of cybersecurity, Payment Card Industry (PCI) compliance, ISO 27001 certification, Threat and Risk Assessment (TRA), as well as developing and improving information security programs.

An inquisitive mind, David is a frequent researcher of cybersecurity-related topics and has authored several articles on the subject matter. When he is not serving clients or doing research, David shares his passion with his team members via lunch-and-learns and mini-courses; guiding associates and managers in order to help improve their capabilities through methodology development and knowledge transfer.

Fields of expertise

  • Payment Card Industry (PCI) compliance
  • ISO 27001 certification audits
  • Threat and Risk Assessment (TRA)
  • Cybersecurity health checks


  • Public Sector
  • Financial Services
  • Technology/Media/Telecommunications (TMT)
  • Retail
  • Energy and Resources

Academic Background

  • ISO/IEC 27001 Lead Auditor, 2018
  • Certified Cloud Security Professional (CCSP), 2017
  • Sherwood Applied Business Security Architect (Foundation) (SABSA SCF), 2014
  • Certified Information Security Manager (CISM), 2009
  • Payment Card Industry Qualified Security Assessor (PCI QSA), 2007
  • Certified Information Systems Auditor (CISA), 2004
  • Certified Information Systems Security Professional (CISSP), 2001
  • B. Sc., Carleton University, 1994

Professional and Community Involvement

  • SABSA Institute – Member, since 2012
  • International Information Systems Security Certification Consortium (ISC2) – Member, since 2001
  • Information Systems Audit and Control Association (ISACA) – Member, since 2001

Public Recognition

  • Quoted. “Curbing Cybercrime,” Canadian Grocer Magazine, September 2021
  • Quoted. “Cybersecurity training 101 – Protect your business from cyber attacks by shoring up the weakest link: employees,” Canadian Grocer Magazine, November 2019.
  • Author. “Chances Are, At Least Some of Your Passwords Are Already in The Wrong Hands”, Richter website, December 2018.
  • Quoted. “How to be more cybersecure”, Canadian Grocer Magazine, September 2018.
  • Author. “Mandatory Data Breach Notification is coming November 1st…Are You Ready?”, Richter website, May 2018.
  • Contributed to “Detect, Respond, Recover:  Cybersecurity is not a game”, Canadian Gaming Business, Spring 2017.
  • Quoted. Canadian Jeweller Magazine, September 2016.
  • Quoted. “Data Security,” Integrated Health Magazine, May 2016.