Penny Yap
Senior Consultant
Penny Yap is a proactive problem solver, engagement specialist, jargon interpreter and juggler of many projects. Formerly a senior journalist and editor, Penny has transitioned to a career in cyber security. Having gained the Certificate in Cyber Security from the University of Technology Sydney, she obtained CompTIA Security+ certification in 2023, and ISC2 CGRC and ISO 27001 Lead Auditor certifications in 2025. Penny enjoys helping businesses gain a deeper understanding of their cyber risk, developing and assessing ISMS’s, and spreading the word about positive security.
Penny's posts
Risk Management
27 November 2025
Strengthening Cyber Resilience: Our Partnership with Synova in Their Responsible Investing Journey
Geo-blocking
17 June 2025
Geographical blocking: the how and the why, for beginners
Cyber risk management
16 April 2025
Remote vs In-office: What are the security implications?
Risk Assessment
9 April 2025
How to write a good risk scenario
Risk Assessment
30 October 2024
What makes a good risk assessment?
Compliance
29 October 2024
How DORA could have changed history?
Compliance
5 September 2024
How does DORA differ to ISO 27001?
Compliance
30 August 2024
What's in DORA's backpack?
Risk Advisory
19 July 2024