Ross Saunders

The Nerd with Trust Issues: Making Privacy and Cybersecurity Governance Fun and Engaging!

Upcoming Talks and Events

HOw it all began

Ross Saunders with glasses and a black t-shirt featuring colorful mushrooms and a frog, sitting at a wooden table with his chin resting on his hand, and a smartwatch on his wrist.

Imagine waking up to watch your bank account draining in real time because your identity has been stolen.

That nightmare was my reality and it changed the course of my life. For the past decade, I’ve taken that personal crisis and turned it into a global mission: helping organizations, leaders, and everyday people understand the hidden risks of our digital world and how to protect themselves. Privacy and risk might sound dry, but I make them anything but. Turning complex, often boring topics into entertaining, unforgettable experiences that stick long after the applause.

Watch how Ross makes complex privacy and security topics land; clearly, compellingly, and without the jargon or legalese!

BOOK ROSS FOR YOUR EVENT
Black-and-white photo of a man with glasses and a beard, wearing a checkered shirt, smiling at the camera.

Head of Operations, Global FinTech Payments Platform

“Wise, clever, brilliant and well versed in Data Protection. Ross is extremely enthusiastic about his work which is infectious. I feel Ross is one of the best speakers we currently have on Data Protection.”

Featured Keynotes

Ross Saunders with long brown hair tied in a ponytail, wearing glasses, a black jacket, and a black graphic t-shirt with colorful mushrooms and a frog print, standing in front of a beige brick wall.

YOUR DATA, YOUR RULES

HOW TO PROTECT YOUR DATA IN A WORLD THAT WON’T

Imagine waking up and being able to watch your bank account draining in real time because your identity has been stolen. In 2013, this happened to Ross, and it’s a nightmare no one should experience.

This entertaining talk dives into easy-to-apply fundamentals of protecting yourself from cyber threats, along with the rights you have in terms of your data!

Best for public audiences and consumers

Ross Saunders with long hair, glasses, and a bright smile, sitting on a red velvet chair, wearing a blue blazer and white t-shirt, in front of a brick wall.

RACING REGULATION

MASTERING GRC IN THE AGE OF UNSTOPPABLE INNOVATION

How do you manage compliance when the goalposts never stop moving? This keynote explores practical strategies for building governance frameworks that can flex with disruption while maintaining compliance.

Among others, Ross covers rapid risk assessment of emerging technologies, methods for creating living policies, and managing shadow IT and AI.

Best for tech, corporates, and executives

Ross Saunders performing pole dance, hanging upside down and gripping the pole with one hand, inside a studio with brick walls.

Key Risque Indicators

GOVERNANCE GYMNASTICS AND COMPLIANCE CALISTHENICS

Explaining risks and controls to teams has never been this visual, exciting… or cheeky! Literally turning risk on its head, this one-of-a-kind keynote brings a physical show of how Privacy and Cyber risks materialize.

Audiences will leave seeing Governance, Risk, & Compliance in a new light, and that peak GRC performance comes from a balancing act of strength and flexibility!

This talk is (wildly) flexible! #iykyk

BOOK ROSS FOR YOUR NEXT EVENT

Other Services

In addition to keynote speaking and workshops, I offer several additional professional services in relation to privacy and cybersecurity governance.

  • I come on board as a senior privacy engineer who joins your team part-time to design and run practical data protection. We map data flows and risks, turn legal rules into technical designs, set privacy-by-design patterns (like data minimisation, pseudonymisation and limited access), and build automated controls for consent, retention and data subject rights. Delivered as a predictable monthly service, it boosts compliance, supports existing teams, cuts the need for expensive hires, and keeps engineering, product and legal aligned with auditable privacy practices.

  • Flexible, expert advice when you need it. Book hourly support across a range of topics to support privacy in your tech company. From roadmapping, to policy changes, to problem-solving specific, deep technical issues, I am there for you!

  • Ensure your tech company gains complete visibility into its threat landscape with an organisation-wide risk assessment aligned to NIST or customised to your operational realities — I map assets, identify gaps, quantify impact and prioritise remediation so executives and engineers can make informed, timely decisions. The result is a single, actionable view of risk that drives consistent governance, improves incident response, supports compliance, and focuses scarce resources on the highest-return controls, reducing downtime and strengthening customer trust.

  • Assessing SDLC maturity against OWASP SAMM alongside my own privacy-specific controls, delivers a comprehensive view of privsec across the development lifecycle. By mapping your controls to SAMM’s domains, assigning maturity levels, and using evidence-based metrics (e.g., percentage of projects with completed DPIAs, automated data-flow inventories, or frequency of privacy unit tests), you gain actionable insights into gaps, remediation priorities and cross-functional accountability. The result is a unified privsec maturity profile that drives investment decisions, informs training and tooling roadmaps, and embeds privacy as repeatable, measurable practices within the SDLC rather than an afterthought.

  • Performing and facilitating threat assessments using LINDDUN and PLOT4AI to give your product team a rapid, cost-effective, and practical insight into the risks you are facing in terms of data privacy and/or AI implementation. If you only start risk assessment once you go to code, you’re already too late!

  • Most privacy legislation requires training at least annually for all staff. I provide interactive (dare I say, fun) training on privacy and security training to all staff, or specific teams such as development, security, customer service and more.

Work With Me

If you are looking for IT strategic advisory services that I provide to small and micro businesses, please check out www.gotaminute.it for more details!

UPCOMING EVENTS

UPCOMING EVENTS

14 MARCH 2026

Online
10:00 Eastern

Global Speakers Federation Professional Speakers Day (Online)

The GSF Global Livestream is an epic 12+ hour YouTube Live broadcast to celebrate and elevate the global speaking profession. Tune in any time on Saturday, the 14th of March -- Professional Speakers Celebration Day.

WATCH LIVE

25 MARCH 2026

Online
Eastern Time

PrivSec Masterclass for CTOs (Online)

Are you a Chief Technology Officer looking to get detailed, down, and dirty on privacy and security? Tired of generalised impractical content that covers the business as a whole, and not the complexities of development and product teams? Join me for this online full-day masterclass designed specifically for CTOs.

ENROL NOW

9-10 April 2026

In Person
Halifax Convention Centre

Atlantic Security Conference (ATLSECCON)

Think privacy is somebody else's problem? Many dev teams assume it lives safely in the hands of Security or Legal while they're busy shipping features. Trouble is, these obligations that Legal and Sales add into contracts directly affect dev, and you've likely never seen them!

REGISTER

28 May 2026

In Person
Ted Rogers School of
Management

Toronto Product Con (Part of Toronto Tech Week)

Join 300+ product professionals at Toronto's first conference designed for both working PMs and seasoned product leaders. Choose your sessions, connect with your peers, participate in the unconference, and leave with insight you'll use the next day.

REGISTER

29 May 2026

In Person
TBC

Privacy and Pilates

More detail coming soon!