Modern CISO Network: Board Book
A directory of board-ready security leaders
location
EMEA
areas of expertise
- Security and privacy governance in startups
- Risk management and strategy
- DevSecOps and agile security
- IT security compliance and audit
- Mentoring and coaching
Tomas Honzak
CISO, VP Security & Compliance
GoodData Corporation
Tomas Honzak is a strongly motivated information and communications technology (ICT) executive with more than 20 years of experience focusing on IT governance, information security, data protection, and compliance. He is currently the CISO, Privacy Officer, and VP of Compliance Operations for a global leader in cloud-based analytics.
In his current role, Tomas successfully established an enterprise-grade security management system suitable for a startup with 200 employees. This system has passed SOC 2 Type II audits, complies with ISO 27001, HIPAA, GDPR, and other privacy regulations. His strategic planning and governance fostered growth, doubling the company size to more than 400 employees and securing multi-million dollar deals with leading global payment processing firms. In addition, Tomas built the security and compliance team, internal audit, and security operations from the ground up. He introduced a revolutionary software as a service (SaaS) audit tool that replaced the need for additional personnel, resulting in an annual savings of $250,000.
Previously, he facilitated the transformation of software development processes in a global telecommunication software provider. This included overseeing outsourcing and insourcing activities, as well as a lean transition when the division was acquired by a private equity fund. Proactively navigating these changes, he sustained excellence in quality, robust process control, and information security while guaranteeing compliance with ISO certifications.
He is the Vice President of the ISACA Czech Republic Chapter. As an enthusiast of DevSecOps, he finds passion in creating synergies between agile methodologies and standards-based process approaches. He favors automation over paperwork and strives for tangible improvements and value from the frameworks, regulations, and audits. He uses his spare time to help early-phase startups kick off and build their security programs. His credentials include CISM and CGEIT, Prince 2 Practitioner, ITIL Foundation, and CPO/CSM.