Brandon Dunlap has more than 15 years of experience managing business technology risk in large and small organizations. He has served in a variety of roles across heavily regulated industries, successfully leading all aspects of IT security programs, including policy and procedure management, oversight and control, strategy, architecture, development, and training. Currently, he is the Managing Director of Research of Brightfly, an independent, advisory and research firm that focuses on building a collaborative practitioner community and bridging the gaps within information technology, security, risk, compliance, and audit disciplines. In addition to his duties as Managing Director of Research, he also fills an advisory role as Chief Compliance and/or Security Officer for Brightfly clients
Using Brightfly’s research within their internal incubator, Brightfly Development, Brandon designed and brought to market Illumination, a tool for automating IT policy development, compliance and tracking, which, through the acquisition of BindView, is now part of the Symantec Control Compliance Suite. Brandon has also served as a Symantec Senior Product Manager and as the head of the Information Protection Unit at Constellation Energy. In his role at Brightfly, he uses his unique background to guide the firm’s research agenda and cultivate the community involvement. Additionally, he develops and delivers curriculum on key security and compliance topics for leading professional associations.
Brandon’s vendor-neutral perspective have made him a popular presenter at technical and business-focused events In addition to headlining Brightfly events, he has recently addressed professionals at international gatherings and regional events of the Institute of Internal Auditors (IIA) and ISACA, as well as ISC2, the Institute for Applied Network Security (IANS), the ASIS International, among others. Brandon has been quoted and profiled in major industry publications, including CSO Online, InfoSec Professional, Information Security Magazine, Dark Reading, Compliance Week, and TechTarget’s SearchSecurity.