Updated May, 2022


Peter H. Gregory

Peter H. Gregory, CISM, CISA, CIPM, CDPSE, CISSP, CRISC, CCSK, DRCE, is an information security executive and career technologist, executive advisor, published author, public speaker, adjunct professor, and commentator in the fields of data security, business security, and business use of technology. He is an expert on a wide variety of business and technology issues including:

  • Development of strategies for the protection of critical assets
  • Protection of corporate assets, both physical and information-based
  • Compliance with U.S. laws including Sarbanes-Oxley, FISMA, and HIPAA; and U.S. state laws including CCPA and NYDFS
  • Compliance with international standards such as ISO 27001, NIST 800-30, NIST 800-37, NIST 800-53, and PCI DSS
  • Compliance with privacy laws such as GDPR and CCPA
  • Management of SOC 1 / SOC 2 / SSAE16 / SSAE18 / ISAE3402 service provider audits
  • Security policy, controls, governance, risk management, training, and business processes
  • Key business processes that support security, including risk management, change and configuration management, vulnerability management, identity management, access management, and the systems development life cycle
  • Business continuity planning, disaster recovery planning, and crisis management, including pandemic contingency planning
  • Advisory board member, University of South Florida executive cyber security program
  • Adjunct professor (emeritus) and advisory board member, University of Washington certificate program on Information Systems Security
  • Advisory board member, University of Washington certificate programs in Information Security and Risk Management

He is currently employed as a senior security leader in a North America-based telecommunications organization.

Industry Certifications

  • CISSP (Certified Information Systems Security Professional), 2000
  • CISA (Certified Information Systems Auditor), 2002
  • DRCE (Disaster Recovery Certified Expert), 2008
  • CRISC (Certified in Risk, Information Security, and Control), 2010
  • CCSK (Certificate of Cloud Security Knowledge), 2010
  • CCISO (Certified Chief Information Security Officer), 2012 (expired)
  • PCI-ISA (Payment Card Industry Internal Security Assessor), 2013 (expired)
  • PCI-QSA (Payment Card Industry Qualified Security Assessor), 2014 (expired)
  • CISM (Certified Information Security Manager), 2017
  • CIPM (Certified Information Privacy Manager), 2018
  • CDPSE (Certified Data Privacy Solutions Engineer), 2020

Published Author

Mr. Gregory has published over forty books in five languages on security and technology, including:

  • CISA Certified Information Systems Auditor All-In-One Exam Guide (1st, 2nd, 3rd, and 4th editions)
  • CISM Certified Information Security Manager All-In-One Exam Guide
  • CIPM Certified Information Privacy Manager All-In-One Exam Guide
  • CDPSE Certified Data Privacy Solutions Engineer All-In-One Exam Guide
  • CRISC Certified in Risk and Information Systems Control All-In-One Exam Guide
  • CISSP Guide to Security Essentials (1st and 2nd editions)
  • IT Disaster Recovery Planning for Dummies
  • CISSP for Dummies (1st, 2nd, 3rd, 4th, 5th, 6th, and 7th editions)
  • Solaris Security

Expert Witness

Mr. Gregory was an expert witness (Amicus Curiae) in a successful federal prosecution of a cybercriminal in 2006 resulting in a multi-year prison term.

Published Articles

He has written over twenty articles in publications including:

  • BankInfoSecurity
  • Computerworld
  • BusinessWeek
  • SearchSecurity
  • Software Magazine
  • Dark Reading Daily, where his analysis of the TJX 10-K filing topped their “Best of the Web” listing


Mr. Gregory is regularly interviewed for industry news articles. His comments have been quoted in:

  • Forward View
  • Computerworld
  • Forbes
  • CIO Magazine
  • CSO Magazine
  • Information Security Magazine
  • SC Magazine
  • Tech Republic
  • C|Net News
  • Seattle Times
  • Direct Marketing Association
Peter H Gregory on the stage

Event Speaker

He has also spoken at numerous security conferences and events throughout the United States and Canada, including:

  • RSA, San Francisco
  • SecureWorld Expo, Seattle, Portland, Atlanta, Philadelphia, and Boston
  • (ISC)² Congress, Orlando and Austin
  • Interop, Las Vegas
  • Victoria Privacy and Security Conference, Victoria, B.C.
  • Optiv Enterprise Security Solutions Summit (ES3), Seattle, Denver, Omaha
  • Dark Reading Cyber Security Summit, Las Vegas
  • Tech Junction, Albuquerque
  • ArcticCon, Anchorage
  • ISACA (Information Systems Audit and Control Association), Seattle
  • West Coast Security Forum, Vancouver
  • Washington Technology Industry Association, Seattle
  • InfraGard, Seattle
  • Source, Seattle
  • Western Pension and Benefits Conference, Seattle
  • Wyoming Governor’s Broadband Summit, Cheyenne
  • Credit Union National Association Security Summit, Las Vegas
  • Veritas Worldwide User Conference, Phoenix
  • International Gaming Business Exposition, Las Vegas
  • Society for Information Management, Bellevue
  • University of Nevada, Reno
  • IT Connect Expo, Santa Clara
  • Interface, Anchorage and Seattle
  • Security Professionals Information Exchange (SPIE), Calgary
  • numerous private events

As an event speaker, Mr. Gregory is effective and entertaining whether the audience is highly technical or highly non-technical.

Advisory Boards

Mr. Gregory has served on several advisory boards, including:

  • InfraGard, the Evergreen State (Washington) Chapter (Emeritus)
  • Advisory board member, University of South Florida executive cyber security program
  • University of Washington certificate program for Information Security and Risk Management, one of the first such programs certified by the U.S. National Security Agency
  • University of Washington certificate program for Information Systems Security
  • SecureWorld Expo Conference

Community Work

He has also been involved in various community service efforts, including:

  • Co-founder and group manager for the Pacific CISO Forum (Emeritus)
  • Proctor at CISSP certification exams (Emeritus)
  • Developer of CISA, CRISC, and CISSP certification exam questions (Emeritus)
  • Graduate of the FBI Citizens’ Academy
  • Member of the FBI National Citizens’ Academy Alumni Association
  • Contributor, Security Guidance for Critical Areas of Focus in Cloud Computing, Cloud Security Alliance
  • Certification Board, Cloud Security Alliance
  • Board Member Emeritus, Seattle InfraGard

Trade Association Memberships

Mr. Gregory is a member of trade associations including:

  • Forbes Technology Council
  • Pacific CISO Forum (Emeritus)
  • FBI National Citizens Academy Alumni Association
  • InfraGard
  • (ISC)² (International Information Systems Security Certification Consortium)
  • ISACA (Information Systems Audit and Control Association)
  • IAPP (International Association of Privacy Professionals)
  • FAIR Institute
  • CyberEdBoard
  • EC-Council (Emeritus)


Mr. Gregory can be reached by filling out the inquiry form below. This will be sent directly to Mr. Gregory’s publicist and business manager in confidence.