Modern CISO Network: Board Book

Mark Leighton is an information security leader with 14 years of cybersecurity, governance, and risk management experience. Mark is passionate about helping people understand the role of security and how to interact with technology, regardless of their personal or professional life, and recognize the risks that are posed. Organizations need to harness the value of staff while recognizing the dangers they can pose to intellectual property held within organisations, intentionally or unintentionally.

In his current role as CISO at Aurecon Australasia, a global design, engineering, and advisory company, Mark established and built the security function. This includes the development and implementation of cyber programs, improving the cyber posture and responding to the ever-increasing dynamics of a complex organisation that spans the Asia Pacific region. His focus has been to establish risk management and assurance functions, client advice, security culture, and effective security operations teams. His prior role was the CISO for an Australian “Big Four,” which included delivering a cyber risk appetite, deploying a supply chain risk management program, developing an insider threat assessment, and helping to achieve ISO 27001 and IRAP assessments. He also served on the Global Security Advisory Committee to develop the strategy and establish the governance, policies, and frameworks across the global network.

Mark has always focused on the intersection between technology and business. He has a Bachelor’s degree in Computing, Robotics & Digital Technology and completed his Master’s in Business & Technology. Mark was recently nominated as one of the Lacework 50 CISOs to Watch, which recognizes forward-thinking leaders striving to solve tomorrow’s security challenges today.

Mark’s strategic approach fosters a security culture that promotes innovation while maintaining security operational excellence.