The management of cyber risk is a continual journey that adapts to changes in the circumstances of an organisation. As it develops new products and services, deploys and implements new technologies, acquires new businesses and it grows strategically and organically. Cyber risk management is a complex and continual process of evolution and change, moving as fast or as slow as the threats to the business model. It is a risk that is now being regulated in the U.S and EU. With 2022 seeing the EU and U.S develop cybersecurity risk management regulation, regulatory proposals and enforcement regimes. Regulations and proposals that formalize leadership teams take accountability and responsibility for cybersecurity risk management, governance, strategy and incident response reporting.
We don’t advise leadership teams to take this journey on alone. Unless you have the skills and experience to develop cybersecurity risk management strategy and operations along side those of the business. Cyber regulation and compliance is expensive and the cost of failure can be significant. Legal precedence has been set in the U.S in 2022 that will continue in 2023 that will place a significant legal risk to both board members and CISOs.
Andy is a cybersecurity risk management professional. He has held global and regional 1st and 2nd Lines of Defence positions for organizations for cybersecuirty, risk management and cyber risk management. Building and leading Grupo Santanders global cyber risk function, European cyber and Operational Risk for Mizuho Corporate Bank and global head of cyber for Penguin Random House. He was Counsel appointed cyber and risk expert and advisor to the ICO and he received the U.S Presidential volunteer service award for his work on the U.S DoD CMMC program.
Andy is a Chartered Security Professional (CSyP) and CSyP assessor, recognised by the UK National Protective Security Authority (NPSA) (Formally CPNI), and holds a place on the Register of Chartered Security Professionals. He is a Chartered Engineer (CEng) received during his time at Rolls-Royce plc, and he is a member of the Institute of Mechanical Engineers (MIMechE). He is an Associate of the Academy of Expert Witness (AMAE), a member of the Security Institute (MSyI), a Freeman of the Worshipful Company of Security Professionals (WCoSP) and a Freeman of the City of London.
Andy has provided thought Leadership and helped formulate cyber strategy through many papers, webinars and conferences. That have included discussions with the White House Office of the National Cybersecurity Directorate, U.S Department of Defense, The Cyberspace Solarium Commission, Members of Congress, All Party Parliamentary Committees conducted with the U.S DoD, he has led CMMC for UK defence trade associations and given webinars, presentations and papers for the AICPA, IIA, AFCEA and NDIA amongst many others.
Andy provides advice and guidance on cybersecurity and risk management governance, strategy, programs and delivery.
Ted is a veteran of cybersecurity with over 40 years’ experience of the design, delivery, oversight and assurance of cybersecurity and risk management systems. Ted’s area of expertise is the management of risk in Information Technology developed over the years. He is an experienced systems Auditor and Integrator giving him a unique insight as to the challenges associated with developing eGRC programs, that satisfies the compliance requirements faced by organizations of all types and sizes.
He is an internationally recognised cybersecurity, risk management and Information system educator and a highly respected security trainer. He is authorized to train ISACA CISA, CISM, CRISC, ISC2 CAP, CCSP, and CISSP. He holds DoD secret clearance and has taught causes for a broad range of public and private sector organizations that includes most U.S Federal Agencies, State and Local Government, and companies across financial services, consultancies, engineering, manufacturing, defence, healthcare, media and IT services providers and cloud.
Bob is a leader with more than 30 years of experience in senior executive roles in both industry and U.S government. He has a considerable amount of knowledge and experience supporting engagements, partnership and knowledge sharing between U.S Federal Government and Industry. Recognized for his significant expertise in public policy issues management across a diverse portfolio of topics at the U.S Federal, State, and Local levels of Government. Consistently focused on issues such as cybersecurity risk management, critical infrastructure protection and resilience, supply chain risk management, full and open competition in public procurement and much more, with a proven record of productivity in strategic planning, and value delivery in support of mission objectives.
Bob served as the Staff Director for the Subcommittee on Technology, Information Policy, Inter-governmental Relations and the Census, Government Reform & Oversight Committee, United States House of Representatives during the 108th Congress. Spent over 11 years building and leading a global government affairs team at Juniper Networks. Including the Information Technology Sector Coordinating Council (IT-SCC), the Partnership for Critical Infrastructure Security (PCIS), senior executive representative to the President’s National Security Telecommunications Advisory Committee (NSTAC) and Enduring Security Framework (ESF) as well as Cybersecurity Committees for AFCEA and the United States Chamber of Commerce.
Bob is a two-time Fed 100 honoree, for his services to U.S. Federal Government and was recognized as the FCW Industry Eagle Award honoree. He works to support clients engage with U.S Federal Government in the pursuit of public private knowledge sharing. More recently supporting engagement between the White House Office of the National Cyber Directorate (ONCD) and UK cyber policy makers
Howgate-Sable – Associate
Neil Humphreys is Managing Director of international executive search firm, Howgate Sable and an associate of Augusta Group advising on talent, capability and global mobility. With extensive experience in executive search and human capital consulting, Neil and his team have built a reputation of delivering talent globally in industrial, aviation, CNI and consumer markets. Having held a number of operational and supply chain roles in his earlier career in military aerospace, Neil’s 20+ years in headhunting mean that he is well placed to advise on organizational design and talent acquisition.
Howgate Sable operate extensively in Europe, North America and the Middle East with a dedicated practice group focused on cyber defence appointing CISO and their direct line reports.