David Mantock

I’m a bilingual (EN/DE) CISO and Board Advisor who turns cybersecurity into a business advantage. I bring 25+ years of leadership in regulated environments—public sector, healthcare/e‑pharmacy, and critical infrastructure—where trust, uptime, and compliance are non‑negotiable. My approach is empathy‑first and outcomes‑driven: align people, make processes repeatable, and deploy technology that empowers delivery.

What I deliver:

• Executive reporting that drives decisions: top risks mapped to actionable controls—no noise, just clarity.

• Certification and market access: ISO 27001 uplift (with 27017/27018), privacy alignment (GDPR/DSG‑CH), and audit readiness that clears the path to revenue (e.g., e‑prescription market entry).

• Culture and execution: Security Champions at scale, humane leadership, and non‑violent communication to shift from “security as friction” to “security as enablement.”

• Incident readiness and response: pragmatic playbooks and post‑incident remediation that reduces time‑to‑control and rebuilds trust with regulators and customers.

How I work:

• Install simple, durable management rhythms—PDCA and risk‑to‑initiative governance.

• Translate controls into effectiveness, and resilience for CEOs and CFOs.

• Focus on measurable outcomes.

Selected outcomes:

• Enabled entry to a €50B e‑prescription market via security certification.

• Extended ISO 27001 with cloud/privacy codes of practice in complex, managed service provider setting.

• Built programs that endure and scale.

Engagement formats:

• Fractional/Interim CISO

• Board and GRC advisory