Areas of Focus

• Cybersecurity Maturity, Control Effectiveness and Incident Management
• Cyber Governance, Resource Prioritization and Security Metrics
• Software Development Lifecycle Security

Recent Engagements:

• Designed a cyber defense model for leading global financial technology vendor which leveraged the MITRE ATT&CK Framework to drive threat-informed controls assurance and prioritize security investments

• Conducted application security lifecycle review for major software provider, piloting NIST’s Secure Software Development Framework (SSDF) to assess coding practices and national security risks

• Directed cybersecurity program resourcing and benchmarking assessment of one of the world’s largest online travel companies to baseline existing spend and optimize future security investments across portfolio companies

• Led C-suite and board-level cyber exercises that stress-test enterprise response to a disruptive cyber event for major financial institutions, manufacturers, and other critical infrastructure

David London is a Managing Director at The Chertoff Group, where he helps companies address their most pressing cybersecurity risks. David works with clients to strengthen cyber governance, drive control transparency and prioritize security investments. He assists operational personnel and senior decision-makers to effectively mitigate and communicate cyber risk. He has led high-profile cybersecurity engagements in energy, financial services, retail, health care, and technology sectors.

Prior to joining The Chertoff Group, David spent nine years at Booz Allen Hamilton where he led the design and development of some of the highest profile cyber exercises in the world including NERC’s Grid Security Exercise Series. He also directed company-specific incident management engagements to exercise operational, tactical and executive-level cyber readiness.
Senior Positions Held:


• Certified Information Systems Security Professional (CISSP)
• Project Management Professional (PMP)


• M.B.A., George Washington University
• B.A., Emory University

Recent Publications, Interviews and Speaking Engagements

• Chertoff Group Security Bulletin “Software Lifecycle Security: Increased Scrutiny Offers Opportunity for Differentiation,” July 2020, https://www.chertoffgroup.com/blog/software-lifecycle-security-increased-scrutiny-offers-opportunity-for-differentiation
• “How Cyber Criminals Use Coronavirus Scams to Target Victims,” Security Management Magazine, June 1, 2020, https://www.asisonline.org/security-management-magazine/articles/2020/06/how-cyber-criminals-use-coronavirus-scams-to-target-victims/
• Boston University Law School Guest Lecturer, “Securing the Financial Sector Against Cyber Attacks” March 19, 2020
• “Closing the Security Gap in OT/IT convergence,” CSO Magazine, January 27, 2020, https://www.csoonline.com/article/3516009/closing-the-security-gap-in-ot-it-convergence.html
• “Cybersecurity Illusion—Enterprise Security Remains Reactive” Webinar Speaker, October 2019
• “Electric Grid Security Unites Public and Private Sectors,” GovTech, June 11, 2019, https://www.govtech.com/em/safety/Electric-Grid-Security-Unites-Public-and-Private-Sectors.html
• “Four Ways to Protect your Device from Botnets,” The Paralax, October 26, 2018. https://the-parallax.com/2018/10/26/primer-4-ways-protect-devices-botnet/
• David has also been frequently interviewed and appeared on Chertoff Group podcasts: https://www.chertoffgroup.com/podcasts

Topics: Cyber Team

Schedule a Consultation

Contact us today to learn what we can do for you.

Schedule a Consultation