Knowledgeable, diligent, personable.
Ray Vankrimpen genuinely enjoys delivering his boutique brand of consulting, implementation and audit expertise in the areas of cybersecurity, privacy, IT risk management and data quality.
With nearly 20 years’ worth of proven knowledge and experience, Ray advises his clients on the implementation of cybersecurity solutions. He is able to scale solutions for large, complex organizations and at the same time bring practical, value-oriented solutions to smaller sized organizations.
Ray has helped many organizations develop their cybersecurity strategy and programs. His technical solution expertise includes Security Information Event Management (SIEM), Data Loss Prevention (DLP), Cyber Threat Intelligence and Data Classification. He has considerable knowledge and experience implementing the NIST Cyber security framework (NIST CSF) and is able to leverage informative resources such as ISO27001, COBIT and other NIST standards.
Ray has many years of experience delivering IT audits of complex information technology architectures that typically include cloud, application, database, network, server and virtual infrastructures. He delivers controls solutions and audits against statutory and compliance standards such as ISO 27001, CPA Canada’s Trust Services Criteria (SOC1, SOC2, CSAE3416, SSAE16 and WebTrust for CA).
Ray excels in helping organizations in the selection and preparation for the sustainable use of information security technologies with a focus on people and processes to support the technology.
Fields of expertise
- Cyber Security solutions
- Cyber Threat Intelligence solutions
- Cloud Security solutions
- Privileged Access Management solutions
- Security Information Event Monitoring solutions
- Information security, privacy and threat risk assessments
- Readiness assessments and service auditor reports under AICPA/CPA Canada guidelines (SOC 1, SOC 2 and SOC 3)
- Public Key Infrastructure audits (WebTrust for CA, Certipath)
- PCI Readiness Assessments and Audits
- ISO 27001 Readiness Assessments and Audits
- Implementation and audit against statutory and compliance standards and frameworks
- Financial institutions,
- Public sector including healthcare, government ministries and agencies
- Technology, media and telecommunications
- Payment Card Industry – Qualified Security Assessor, PCI-QSA, 2016
- Certified in Risk and Information Systems Control, CRISC, 2010
- Certified Information Security Manager, CISM, 2009
- Certified Information Systems Security Professional, CISSP, 2004
- Certified Information Systems Auditor, CISA, 2003
- Diploma in Computer Science, Niagara College, 2000
- BBA, Brock University, 1999
Professional and community involvement
- International Information Systems Security Certification Consortium (ISC2) – Member, since 2004
- Information Systems Audit and Control Association (ISACA) – Platinum member, since 2000
- Quoted in “Oversharing on social media especially risky for the wealthy”, Canadian Family Offices , June 202
- Quoted. “Taking aim at workplace tech” CPA magazine, July 2017
- Lead presenter. “Data Classification and Data Governance,” ISACA Toronto Annual Summer Conference, June 2016
- Lead presenter. “Implementing Cyber Security aligned with the NIST framework,” ISACA Fall Conference, November 2015
- Provided comment to The Globe and Mail on the Ministry of Education website security issues, March 2015
- Provided comment to The Globe and Mail on the Home Depot breach, September 2014
- Provided comment to various print and broadcast media on the “Heartbleed Vulnerability,” including The Globe and Mail, Toronto Star, CBC, BNN and 680 News, April 2014
- Presenter. “Privacy and Security Monitoring Solutions for Health Care,” Hospital CIO/CPO Symposium on ePHIPA, Toronto, January 2013
- Lead presenter. Cyber Security, various executive boards, since 2010
- Lecturer. “Electronic Data Processing Auditing,” Laurentian University, 2010-2013
- Lead presenter. “Managing Outsource Vendors,” ISACA IT Audit Day, Toronto, since 2009
- Lecturer. “Management Information Systems,” University of Toronto, since 2008
Risk Management Advisory
With change happening at an increasing pace, your company must innovate, adapt to better connect to your customers and suppliers, and streamline internal processes to grow with confidence.
Your company’s worst nightmare: a cyberattack paralyzes servers, puts confidential information and finances at risk, and threatens to compromise client data. How do you overcome it? Better yet, how can you avoid this?
Like it or not, in today’s rapidly shifting marketplace, if a business wants to stay competitive it not only has to “go” digital, it has to “be” digital.
Growth is exciting. But navigating the aspects involved in successful growth – particularly when it happens rapidly – can be one of the most complex challenges a business can face.