Mark Lundin

Principal, Cloud, Security and Privacy Assurance

CPA, CISA, CISSP, CIPP/US, CIPP/E, CIPM, and CCSK

Executive Summary

Mark is a principal focusing on cloud, security, and privacy compliance and assurance. He has over 20 years of experience delivering cloud, security, and privacy compliance consulting and innovative attestation services to established industry leaders and high-growth companies. Prior to joining BDO, he served as partner in charge of a Big Four firm’s cloud and security assurance practice for 10 years.

Mark has led a variety of security and privacy compliance initiatives: establishing governance and risk management functions, developing unified compliance programs to address diverse requirements, designing encryption management processes, and continuously monitoring security/privacy compliance. He has also led hundreds of complex attestation engagements for large and emerging technology organizations, often covering numerous standards and frameworks (e.g., SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27017/27018, NIST 800-53, PCI, CSA CCM, HIPAA, and WebTrust for CAs).

Mark focuses on the technology industry, particularly cloud providers, and financial services, healthcare, and other companies with complex technology environments.

Mark has chaired ISO standards committees and participated in AICPA and other U.S. committees focused on cloud, encryption, security, privacy, and third-party assurance. He is also a frequent speaker and author on emerging issues with these topics.

  • American Institute of Certified Public Accountants
  • Cloud Security Alliance
  • International Association of Privacy Professionals
  • ISACA


  • M.S., Accountancy and Computer Information Systems, Bentley University
  • B.S., Business Administration, Boston University