- Gartner client? Log in for personalized search results.
Gartner Expert
Rob McMillan
Managing Vice President
Rob McMillan covers information and IT security topics such as strategic planning, security policy and governance, security incident response, risk management, and security metrics. He brings firsthand experience with nine years in the financial services industry at the executive level within one of the largest banks in the world. Prior to this, Mr. McMillan spent 12 years within the university sector, including nine years with specialist security incident response teams.
Previous experience
Mr. McMillan joined Gartner after almost nine years in information security at the Commonwealth Bank of Australia, where he was Executive Manager of Business Information Security Support. In this position, he was responsible for developing and implementing security policies and standards, operating the bank's threat intelligence capability, implementing the security awareness program, rolling out security infrastructure technologies, and a range of other issues. During this time, he was also a key participant in broader industry initiatives.
Prior to this, Mr. McMillan was co-founder and general manager of AusCERT, responsible for the strategic direction and overall operational management of its core business. He had also spent four years with CERT in the U.S.
Professional background
Commonwealth Bank of Australia
Executive Manager, Business Information Security Support
University of Queensland (AusCERT)
General Manager
Carnegie Mellon University (SEI/CERT)
Member of Technical Staff
Areas of coverage
Security and Risk Management Leaders
Information Security Management Program
Cyber Risk
Education
Associate Diploma in Applied Science, Applied Chemistry, Queensland University of Technology
C.B.A. Executive Education Program, MIT Sloan
B.AS., Computing, Queensland University of Technology
Top Issues That I Help Clients Address
1Security strategy, governance, organization, budget and staffing
2Presenting risk and security to senior management and the board
3Measuring security and its relevance to business objectives
4Security policy development and implementation
5Security incident response planning