Chris is an experienced Security Architect and Consultant with a proven track record at designing, delivering and integrating secure solutions for clients, developed over 16 years across industry sectors.
He has also driven a number of compliance-related initiatives around ISO, SOX and PCI requirements, and as part of these has delivered policies, standards, processes and other documentation to embed security and best practice into daily operations.Read More
He has worked extensively in the UK, continental Europe and the Asia-Pacific area and for a variety of clients across the Finance, Telecoms, Energy, Defence and Public sectors.
With a specialty around Identity and Access Management, Security Monitoring and Governance, he brings a deep expert knowledge across a number of leading technical platforms (including Sailpoint IIQ, Core Security IAM, Arcsight, Splunk, Intellitactics, LogRhythm, Symantec SIM, RSA SIEM amongst others), and a vast amount of real-life field experience around their deployment in large and complex environments.
Certifications include CISSP (2011) and ISO 27001 Implementer (2017) and multiple vendor product qualifications.
John is an acknowledged Information Risk and Security expert with over 30 years’ experience and a unique scientific background which enables him to quantify risk and the components that contribute to the creation of risk, helping Blue Chip clients address strategic risk management problems and build enterprise-wide security improvement programmes.
He provides strategic advice and assistance at all levels to clients, helping them build information security functions, strategies and programmes that support business’ objectives and sustain success.Read More
John has a strong technical background (including a science Ph.D.) plus an enormous wealth of experience designing security solutions and running or contributing to security projects. This enables him to work within complex and technological environments helping top-level security and business management address pressing security needs.
He can communicate the rationale, value and benefits of security programmes to C-level business management, design security programmes in response to governance and business objectives, and deliver improved security management systems and technological controls.
He has worked for clients across most sectors of industry though his experience is predominantly with national and international financial organisations and technology services providers. He has presented at numerous national and international conferences on a wide variety of subjects. He has delivered numerous training courses and workshops for clients, from introductory courses on information security through to a detailed description of the workings of the DES and RSA cryptographic algorithms.
He was an active member of the Management Committee for the Information Assurance Advisory Council (IAAC) from May 2002 until March 2011, and at the head of their widely-acclaimed research programme for five years.
He is also a member of the International Board of Referees for Computers and Security, and a peer reviewer for IEEE Security and Privacy.
Richard is an experienced international hybrid consultant, leader, Henley Business School Executive Fellow and GCHQ Certified Trainer, who has led many cyber security and data protection education, exercises, strategy and operational consultancy engagements
Current and recent assignments include information security and data protection strategy and capability development for a number of UK and international organizations, covering Financial Services, Oil and Gas, Energy, Telecoms, Education, National Security and Defence sectors. This includes practical application of the National Cyber Security Centre’s (NCSC) Capability Assessment Framework (CAF) based upon Outcomes and Principles.
He is a chapter author for “Managing Cybersecurity Risk – How Directors and Corporate Officers can protect their businesses” and has written a follow-up chapter in “Managing Cybersecurity Risk – Case studies and Solutions”. He has also co-authored a recent whitepaper “GDPR: What to expect in 2018, up to May 25th and beyond”, under The Security Transformation Research Foundation and been published in the Journal of Data Protection and Privacy.
He was a co-opted core-panel member of the British Standard (BS) 31111:2018 : “Cyber Risk and Resilience – Guidance for Boards and Executive Management”. The Standard is intended to provide guidance for those in the commercial and public sector who must minimize the risks and maximize the opportunities of the Digital Age. He is now a co-opted panel member on BSI’s G-1 (Governance standards) Committee.
Underpinning Richard’s experience and qualifications is a background of over 20 years in the British Army.
Aphaia are leading experts in ICT regulation and policy.
Founded by Boštjan Makarovič and currently based in London and Madrid, their products include Data Protection Impact Assessment, Data Protection Officer Outsourcing, and Telecoms Policy Consultancy, dealing with the most demanding issues, including net neutrality and IoT.
CyberSolace is a small Cyber Security advisory firm founded by Hani Banayoti and supported by a network of industry experts and prominent affiliates with the sole intent of delivering a new breed of security advisory services to industry.
Finyx provide high quality IT management consulting services, together with strong delivery capabilities that are firmly rooted in the world in which their clients operate.
It was established in 2006 by a small team of highly skilled individuals with CIO/CTO level experience within major global financial services firms. Since that time Finyx has conducted operational reviews, developed transformational strategies, and delivered high value change and delivery programmes for a wide range of global clients.