About Aaron Shum

Aaron Shum is a Vice President in the Security & Privacy Research and Advisory Practice at Info-Tech Research Group. With 25+ years of experience across IT, InfoSec, and Data Privacy, he currently specializes in helping organizations implement comprehensive information security and cybersecurity programs, as well as comply with data privacy regulations such as the European Union's General Data Protection Regulation and the California Privacy Rights Act.

Prior to joining Info-Tech Research Group, Aaron led the GDPR compliance efforts of a large multi-national enterprise with over 80 locations spanning across 24 countries including US, Canada, and various countries in Europe, Asia, and Australia. Holding the credentials of Certified Information Privacy Professional for Europe (CIPP/E), Certified Information Privacy Technologist (CIPT) and Certified Information Privacy Manager (CIPM), Aaron's practical experience includes interpreting and applying the GDPR regulation across all different business functions, such as HR, IT, marketing, sales, etc. He recently led the development of the Info-Tech’s quantitative privacy framework.

Formerly, Aaron supported the growth of a multi-national technology integration company as its global head of IT and InfoSec, implementing a cloud transformation roadmap that included a fully unified communications platform, hybrid cloud infrastructure, and a DevOps applications provisioning, development, and deployment platform. During his almost 10-year tenure, he also developed an ISO27001 compliant Information Security Management System and managed the company’s internal and enterprise client-facing security, governance, risk & compliance programs.

Aaron holds a Bachelor's degree in Computer Science from the University of Toronto, and is an ISO27001 Lead Implementer and MCP, in addition to being a CIPP/E, CIPT and CIPM.

My Company

Sites