About Richard Curtis

Richard is a Director in RSM UK’s Technology and Data Risk team with over 25 years of experience across IT infrastructure, cyber security, and technology leadership. He advises organisations on strengthening security, improving operational resilience, and managing technology risk.

His expertise includes cyber strategy, maturity assessments, offensive security testing, executive cyber advisory, cloud and Microsoft 365 security assessments, vulnerability management, and broader cyber resilience programmes. He also leads penetration testing, red team exercises, and cyber-attack simulations, and provides virtual Chief Information Security Officer (vCISO) services to senior leadership teams.

Before joining RSM UK in 2020, Richard was Head of IT at RSM South Africa and helped build the firm’s cyber security advisory capability. His background spans enterprise infrastructure, consulting, cloud transformation, cyber security strategy, and technology risk.

Richard is a Certified Ethical Hacker (CEH) and holds numerous Microsoft and other relevant industry certifications. He also frequently shares insights as a speaker on cyber security topics and contributes thought leadership on emerging cyber threats, identity security, and organisational cyber resilience.