Sarb Sembhi

Sarb Sembhi

Director of Consulting Services Incoming Thought

Director of Consulting Services at Incoming Thought, and responsible for consulting services provided to clients and through partners. Before this role, Sarb headed up a security practice in the City of London and has been a Principal Consultant and Security Researcher.

While his career started as a Project Manager in the Public Sector, Sarb then became a Management Consultant. As a management consultant, he also ran various management training courses, before entering the software development field as a programmer/analyst and then a project manager. It was as an application development project manager that Sarb entered the Security field.

Sarb has experience in both the Public Sector (includes local authorities, health authorities and voluntary organisations) and various private industries (including finance, technology, and new media). Although he has worked for many medium sized companies, larger employers/clients have included: PA Consulting, 3 Com, Sybase, BBC World Service, Sony Records, IATA, Chase Bank, AVIVA

Since his entry into the field of security, Sarb has experience in all aspects of security, as a practitioner, and as a contributor to the industry (through research and standards), including: a survey on Converged Security Management and as a contributor to the ASIS/ANSI PAP physical security management standard which recommends a Converged approach to security. Also, he co-developed the Converged Security Management Maturity Model, which he further adapted to create the Cyber-Attack Response Maturity Model. In 2012, he contributed to the ISACA “Web Application Security White Paper. On behalf of ISACA, Sarb has contributed to several EU and Government consultations on Cybercrime, Data Retention and Data Breaches.

In January 2013, Sarb was recognised in the IFSEC Global list of “40 Most influential people in Security and Fire” (: ).

The research Sarb has undertaken includes “Vulnerabilities of Network CCTV Systems”, “Data Integrity Attacks”, Converged Security Management and “Cyber Threats”. Sarb has written for many publications and contributed to several articles including the following topics: Vulnerabilities of Network CCTV systems, Data Integrity Attacks, Cyber Threats, Converged Security Risk Management,

Sarb is a regular speaker at Information Security Conferences around the world, including RSA Europe, InfoSec, HITB, BCS, ISACA, ISSA, ASIS, IPSec, IFSec, Gartner, Richmond Events Security Summit, Econique CxO Dialogue. Sarb is the founder of the International Secure System Development Conference, now entering its 3rd year.

Memberships and roles: Chair of ISACA Region 3 Government and Regulatory Advisory Sub-Committee, and member of the ISACA International GRA Committee; member of the ISACA Cloud Computing Task Force; and is a Past-President of ISACA London Chapter); Founder and first Chair of the Security Advisory Group of ISACA London Chapter; a member of InfoSecurity Magazine Editorial Board; a member of ISSA UK Advisory Board; member of the iGRC Advisory Group; Member of IET; Eurim; and an individual member of the Parliamentary IT Committee (now PICTFOR).