John Leach

John Leach

Associate Partner

John is an acknowledged Information Risk and Security expert with over 30 years’ experience and a unique scientific background which enables him to quantify risk and the components that contribute to the creation of risk, helping Blue Chip clients address strategic risk management problems and build enterprise-wide security improvement programmes.

He provides strategic advice and assistance at all levels to clients, helping them build information security functions, strategies and programmes that support business’ objectives and sustain success.

Read More

John has a strong technical background (including a science Ph.D.) plus an enormous wealth of experience designing security solutions and running or contributing to security projects. This enables him to work within complex and technological environments helping top-level security and business management address pressing security needs.

He can communicate the rationale, value and benefits of security programmes to C-level business management, design security programmes in response to governance and business objectives, and deliver improved security management systems and technological controls.

He has worked for clients across most sectors of industry though his experience is predominantly with national and international financial organisations and technology services providers. He has presented at numerous national and international conferences on a wide variety of subjects. He has delivered numerous training courses and workshops for clients, from introductory courses on information security through to a detailed description of the workings of the DES and RSA cryptographic algorithms.

He was an active member of the Management Committee for the Information Assurance Advisory Council (IAAC) from May 2002 until March 2011, and at the head of their widely-acclaimed research programme for five years.

He is also a member of the International Board of Referees for Computers and Security, and a peer reviewer for IEEE Security and Privacy.


fa fa-linkedin John’s LinkedIn Profile

John Leach Information Security

Richard Preece

Richard Preece

Associate Partner

Richard is an experienced international hybrid consultant, leader, Henley Business School Executive Fellow and GCHQ Certified Trainer, who has led many cyber security and data protection education, exercises, strategy and operational consultancy engagements

Current and recent assignments include information security and data protection strategy and capability development for a number of UK and international organizations, covering Financial Services, Oil and Gas, Energy, Telecoms, Education, National Security and Defence sectors. This includes practical application of the National Cyber Security Centre’s (NCSC) Capability Assessment Framework (CAF) based upon Outcomes and Principles.
Read More

He is a chapter author for “Managing Cybersecurity Risk – How Directors and Corporate Officers can protect their businesses” and has written a follow-up chapter in “Managing Cybersecurity Risk – Case studies and Solutions”. He has also co-authored a recent whitepaper “GDPR: What to expect in 2018, up to May 25th and beyond”, under The Security Transformation Research Foundation and been published in the Journal of Data Protection and Privacy.

He was a co-opted core-panel member of the British Standard (BS) 31111:2018 : “Cyber Risk and Resilience – Guidance for Boards and Executive Management”. The Standard is intended to provide guidance for those in the commercial and public sector who must minimize the risks and maximize the opportunities of the Digital Age. He is now a co-opted panel member on BSI’s G-1 (Governance standards) Committee.

Underpinning Richard’s experience and qualifications is a background of over 20 years in the British Army.


fa fa-linkedin Richard’s LinkedIn Profile

DA Resilience

Nick Simms

Nick Simms

Associate Partner

Nick Simms is a strategic Programme Manager specialising in challenging, hard-to-deliver, Governance, Risk & Compliance (GRC) programmes with mandatory deadlines.

His background is largely in Operational Resilience, Business Continuity Management (BCM) and Crisis Management but with substantial experience in Strategy Development, Target Operating Models, Disaster Recovery, Vendor Risk Management and Data Protection and Data Privacy. He has assisted large firms over the past three decades in preparing for and managing actual and potential crises, ranging from Olympics, Pandemic Flu, Year 2000, bomb scares, earthquakes, floods and data centre failures and Distributed Denial of Service (DDoS) attacks.

fa fa-linkedin Nick’s LinkedIn Profile


aphaia logo


Associate Firm

Aphaia are leading experts in ICT regulation and policy.

Founded by Boštjan Makarovič and currently based in London and Madrid, their products include Data Protection Impact Assessment, Data Protection Officer Outsourcing, and Telecoms Policy Consultancy, dealing with the most demanding issues, including net neutrality and IoT.


fa fa-twitter Aphaia’s Twitter Feed

fa fa-linkedin Aphaia’s LinkedIn Page


Arsia Mons logo

Arsia Mons

Associate Firm

Arsia Mons is a leading consulting firm based in Paris founded by Patrick Hummel, and specialising in the architecture and delivery of transformative IT solutions.


fa fa-twitter Arsia Mons’ Twitter Feed

fa fa-linkedin Arsia Mons’ LinkedIn Page


CyberSolace logo


Associate Firm

CyberSolace is a small Cyber Security advisory firm founded by Hani Banayoti and supported by a network of industry experts and prominent affiliates with the sole intent of delivering a new breed of security advisory services to industry.


fa fa-linkedin CyberSolace’s LinkedIn Page


Finyx logo


Associate Firm

Finyx provide high quality IT management consulting services, together with strong delivery capabilities that are firmly rooted in the world in which their clients operate.

It was established in 2006 by a small team of highly skilled individuals with CIO/CTO level experience within major global financial services firms. Since that time Finyx has conducted operational reviews, developed transformational strategies, and delivered high value change and delivery programmes for a wide range of global clients.

fa fa-twitter Finyx’s Twitter Feed

fa fa-linkedin Finyx’s LinkedIn Page


Saphisle logo


Associate Firm

Saphisle tackles complex, global challenges across the full digital and cybersecurity landscape. Founder and CEO, Mark Segelov, has built a team that shares his commitment to simplicity, pragmatism and outstanding customer service. Mark has 20 years experience in digital and cybersecurity and has a reputation as a trusted advisor and thought leader.


fa fa-linkedin Saphisle’s LinkedIn Page


Strata Security

Associate Firm

Strata helps cyber security teams to be more proactive and efficient.

Across 15 years as a cyber-security consultant before Strata, founder Chris Burtenshaw kept coming up against the same problem: companies’ perennial inability to easily assess, and thus understand, security performance.

With advances in cloud security making a better way more feasible, Chris grew tired of implementing unsustainable ‘quick fixes’.  Instead, he took on the challenge to build a scalable, repeatable solution, which became Strata Insight.

Since its 2018 founding, Strata has built a strong team, garnered great reviews from industry leaders, and is now proving its effectiveness in action with customers.  Together we are delivering on our vision of joined up security.


fa fa-twitter Strata’s Twitter Feed

fa fa-linkedin Strata’s LinkedIn Page