RISCS Advisory Board
- Samantha Dowling, Home Office
- Emma Green, Department for Digital, Culture, Media and Sport (DCMS)
- Kerry Gibson, Ministry of Defence
RISCS Advisory Board Chair
John has 25+ years experience in Customer-facing roles in the Cyber Security Industry – from finance, through sales and marketing, to service delivery – with 10 of those years running professional security services and managed security services.
He has a consistent track record of delivering results whether for a startup company (Entrust), mid-tier (RSA Security), or large integrator (BT, Verizon and Cognizant), and is known for commitment to deliver on the commitment associated with large security programs, and is equally comfortable delivering tactical program outcomes and maintaining the focus on strategic roadmap.
John is an accepted member of the UK security community with strong Architectural expertise. He has high-end solution field-sales and sales management experience with a track record of success and is comfortable operating at Board level within client companies.
Arcanum Information Security
Jane is a Fellow of the British Computer Society with an MSc in Information Security and MBA in International Management, and one of a small group of security SMEs with two NCSC Lead certifications. She is Operations Director of Arcanum Information Security Ltd, a National Cyber Security Centre (NCSC) certified company, which she co-founded in 2008.
A cyber security professional with over 20 years experience, she has advised numerous organisations including. Jane was senior member of the UK planning team at Johns Hopkins University for EXERCISE CYBER GUARD, co-led by the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) with over participant 100 organisations, spanning government, academia, industry and military allies. She is a former regular RAF officer with a background in logistics and intelligence. As a military reservist, alongside her civilian career she was the first woman to command the Army’s largest cyber security unit and was the Single Service lead on the Cyber Defence Working Group. She was Committee member of the Information Security Specialist Group of the British Computer Society for 5 years and a Cyber Security Challenge host and assessor 2014-18.
A bit about me: I love what I do, approach everything with energy and enthusiasm and can always see an angle. As a Technical Director of Thales in the UK I have been their leading expert on Cryptography responsible for providing cryptography and information security direction and expertise on a variety of products and projects. Previous work includes the development and certification of flexible and interoperable commercial security solutions that are also widely used by governments; these solutions are available worldwide and support the security of both communications and informatics in an international, multi grade environment. My specialist knowledge is at the core of the cyber defence and forensics activities that I undertake combatting existential treats against business. I can, and have, interacted on security and products at any level from Prime Minister, through Board to deep technical including Agencies, Certification Labs and partners developing and sustaining business opportunities worldwide.
I have generated patents in the area of digital DNA and my research covers aspects of technical security as well as aspects of super-identities and their role in combatting human based cyber-attacks. I have lead EU security research contract and have acted as a n expert on others. As well as contributing to standards I am a frequent speaker at international conferences and deliver lectures to postgraduate information and cyber security programmes in the UK and worldwide.
RISCS Advisory Board Vice-Chair
Until 2010, Larry Hirst was chairman of IBM Europe, Middle East and Africa. He represented IBM to the European Commission, NATO and the EDA on issues of international public policy and business regulation. He was responsible for the company’s corporate citizenship, environmental affairs, intellectual property, standards development and university relations activities across the region.
He has been Chairman of the Transition to Teaching Committee, reporting to the Secretary of State for Education, a Commissioner for the Governments Employment and Skills Council. He was the Chairman of the UK Trade and Investment Executive Board, reporting to the Minister for Trade. He was the Chairman of e-skills the Sector Skills Council from 2003-10. He was a Member of the British Airways International Advisory Board 2012-16 and was a non-exec director and Chair of the Remuneration Committee of ARM Holdings Plc 2011-16. Until 2018 he was the Senior Independent Director of MITIE Group plc 2010-2018. He is an adjunct Professor and an Advisory Board member of the Data Sciences Institute at Imperial College having been Chairman from2014-18.
He was an Advisor to the Presidential Advisory Council on Information Society and Development (PIAC) in South Africa. In December 2009, he was announced as a private sector Business Ambassador by the UK Prime Minister, a role created to promote UK excellence.
Oz Alashe MBE
Oz Alashe MBE is CEO and Founder at CybSafe, a behavioural science and data analytics company that builds software to better manage human risk. A former UK Special Forces Lieutenant Colonel, Oz is focused on making the society more secure by helping organisations address the human aspect of cyber security. He has extensive experience and understanding in the areas of intelligence insight, complex human networks, and human cyber risk & resilience. He’s also passionate about reducing societal threats to stability and security by making the most of opportunities presented through advancements in technology.
Oz was made an MBE in 2010 for his personal leadership in the most complex of conflict environments. Oz chair’s the UK Government’s (DCMS) Cyber Resilience Expert Advisory Group. He also sits on the Advisory Board for the Research Institute in Sociotechnical Cyber Security (RISCS). He’s an Expert Fellow at The Security, Privacy, Identity and Trust Engagement NetworkPlus (SPRITE+), as well as the Royal United Services Institute (RUSI).
Shostack & Associates
Adam is a leading expert on threat modeling, and a consultant, entrepreneur, technologist, author and game designer. He is an affiliate Professor at the Paul G. Allen School of Computer Science & Engineering at the University of Washington, an advisor to the UK’s Research Institute for Sociotechnical Security, and an advisory board member at the Journal of Cybersecurity and the Privacy Enhancing Technologies Symposium.
He’s also a member of the BlackHat Review Board, and helped create the CVE and many other things. He currently helps many organizations improve their security via Shostack & Associates, and helps startups become great businesses as an advisor and mentor.
While at Microsoft, he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and created the “Elevation of Privilege” game. Adam is the author of Threat Modeling: Designing for Security, and the co-author of The New School of Information Security.
Lloyd's Register Foundation
Dr Ruth Boumphrey is currently the Director of Research at Lloyd’s Register Foundation, a global charity protecting life and property and supporting education, engineering-related research and public engagement. She is responsible for a large portfolio including grants, direct charitable activities and accelerated innovation actions through their international trading arm. She recently chaired the first Royal Academy of Engineering Frontiers of Engineering for International Development.
She has experience in the marine science and technology sector, holding a BSc in Environmental Science and a PhD in Ecotoxicology, and has previously held roles as the Head of Earth Observation for the UK Space Agency; as the Head of International at Natural Environment Research Council (NERC) and for Research Policy and International Division at the Department of Environment, Food and Rural Affairs (DEFRA).
Ruth is a Council member at the Welding Institute and Chair of the TWI innovation network. She previously sat as a Council member at Lancaster University.
ASOS is one of the UK’s largest online fashion retailers, having grown from its start in 2000 to an organisation with over 23 million active customers around the world. With offices in London and New York and fulfilment centres in the US, Germany and the UK, ASOS operates at scale both as a direct retailer and as an online marketplace (which brings varied cyber security challenges).
George is ASOS’ Chief Information Security Officer, drawing on over 25 years’ experience in intelligence, telecoms, media and retail to the task of keeping ASOS’ systems and people as safe as possible in the context of rapid software and cloud evolution and deployment. George works across the whole organisation to understand and manage risk in the most rounded way possible and to build resilience. George sits on a number of National Cyber Security Centre and National Crime Agency advisory groups.
Stephen is an information and cyber security practitioner, and international speaker with 20+ years of experience working for global firms across financial services, healthcare, and defence. Stephen has held senior positions at firms including HSBC, RBS, GSK, and Siemens with experience of global regulatory and cyber security frameworks to drive execution and implementation for the management of risks to support business strategies especially as technology and business models are changing at pace.
Stephen is passionate about people and shares his knowledge and experience by coaching and mentoring senior leaders, and young people to achieve their potential. He believes people come into the workplace to do their best work, so leaders need to provide a positive empowered culture allowing teams to thrive and deliver the best outcomes through people, process, and technology.
He contributes to the Cyber Security community as Chairman of Club-CISO advisory board by engaging with 500+ global CISO executives on important matters affecting cyber security and risk leaders and their organisations.
Stephen is chairman of White Hat Events which is a Cyber Security charity supporting the amazing work performed by NSPCC Childline in the protection of vulnerable young people
Darren spent 16 years in the British Army, serving with the Royal Military Police Special Investigation Branch as well as Military Intelligence, enjoying overseas tours in the Balkans as well as Iraq and Germany. On leaving the military, Darren has undertaken roles with a UK Government GOCO organisation, Betfair, Capita Clinical Solutions, Virgin Media, Cyjax, EY and latterly as the CISO with one of the most recognisable brands in the UK, The AA. He has spent the majority of his career in an investigations / legal role, focussing on cybercrime investigation and the development of threat intelligence. Latterly he has moved into a more strategic role, focussed on a broad range of Information Security challenges.
Darren is currently responsible for the overall security strategy at the AA, including the subsidiary companies. He has managed GDPR programmes, major crypto currency fraud investigations and cyber security framework assurance projects, as well as traditional (!) ISO27001 implementations, gaining over 27 years in the security sector.