Who I Am and What I Do
My name is Alan Curran.
I'm a professional information security consultant, ex-Police officer, father, and husband.
I have worked with several public sector organisations in Scotland, helping develop strategies and frameworks to protect against ever changing cyber threats, and assure the effectiveness of security controls and investments.
I am fortunate to have worked with these organisations:
Most Recent Position
Head of Cyber Security
Registers of Scotland, Edinburgh
As the Head of Cyber Security, I'm responsible for providing strategic direction of security controls, anticipating security challenges, driving security maturity improvements and performance, and building the capability required to ensure the security of new and existing services within RoS.
- I am the primary point of contact on all strategic level Cyber Security topics with stakeholders, including directors, senior colleagues, digital team leads, security control owners, external parties, security partners (NCSC, SG etc).
- I am responsible for the development and ongoing maintenance of the organisations Cyber Security Strategy, detailing the high-level control requirements and alignment to relevant frameworks, along with defining security KPIs to ensure effectiveness of deployed controls.
- I ensure our Cyber Security policies and security controls remain appropriate and proportionate to the assessed risks, and are responsive and adaptable to the changing threat environment, business requirements and central government policies
- I champion learning, development, and accreditation to cultivate talent and foster an inclusive, diverse, and motivated security workforce
- I influence, change, and impact decisions by communicating security issues and opportunities with both internal and external stakeholders
- I am a member/attendee of governance group meetings, such as the Design Authority (DA), Architecture Steering Group (ASG), Platform Steering Group (PSG), Information Security Group (ISG), Information Assurance group (IAG), and present updates on the progress of our Cyber Resilience.
