|Name||:||David Lilburn Watson MSc,CISA,CISSP,FBCS,MBCI|
|Location||:||David is available for projects in the South of England.|
|Specialisation||:||He specialises in advising business on risk management through effective information security, disaster recovery and business continuity planning. In recent years, he has been involved in the BS 7799 rewrite and the creation of certification processes for the 'BS 7799 standard', and is one of the first ever certified BS 7799 c:cure Auditors.
As a BS 7799 Consultant, David has assisted a number of companies that have gone on to achieve BS 7799 certification.|
|Additional Info||:||His key Skills include baselining systems to security policy; BS 7799 implementation and auditing; creating security policies, standards, procedures and processes; data Protection Act 1998 Compliance and Consultancy; disaster recovery, business continuity & contingency planning, due-diligence and audit, and forensic date recovery.
Mainframe Security and Access Control (MVS, VM/CMS and VME)
Network Security (MVS, AS400, VME, NetWare, VMS, UNIX, NT and the Internet)
Networking (LANs, WANs & Interconnectivity)
Outsourcing security issues including SLAs and performance
Security (Computer & Physical).
Training and development of training courses.
Is cleared to SC in a number of government departments, also holds SC (A) and is CLAS registered (2002 – 2003).|
|Experience with Industries||:||David has provided consultancy and information security training services to clients from a broad spectrum of industry, including the financial services sector (investment and high Street banks, insurance and reinsurance companies, and broking houses); petrochemical and pharmaceutical companies; utilities, and the public sector. David also teaches a MSc. in information security, and is reading for a PhD. in Security Risks in Outsourcing at the University of Westminster. |
|No. of Years Experience||:||He has 20 years experience.|
|Email||:||Contact David Watson|
|Name||:||Michael Nash BA MSc PhD (all Computer Science) FBCS|
|Location||:||Mike is based in Surrey and Dorset, England, but is available for projects world-wide.|
|Specialisation||:||He is an expert in the assessment of information risk in complex or novel environments, e.g. in reviewing and advising the owners of several complex private and public networks on information risk and risk prevention techniques, performing a security study into one of the first applications of remote instrumentation calibrated and certified over the Internet. He has provided advice and assistance to the developers of automated risk analysis tools aimed at the network and general information security markets, and has a long history of pragmatic application of risk management techniques to practical problems in information security.|
Mike is a regular speaker at international conferences.
|Additional Info||:||Mike is a member of SC 27, the ISO/IEC technical committee responsible for information security (including ISO 17799), and is the author/editor of several international standards in information security. He was the manager of the first UK security evaluation facility, responsible for putting UK Government security assurance theory into practice, and was part of the working group responsible for international harmonisation of security criteria leading to the ITSEC, then worked on the development of the Common Criteria. He is a member of the BCS Accreditation Panel responsible for the CISMP security management qualification, and has also consulted on physical security risk assessment and given training courses in specialised aspects of the subject.|
|Experience with Industries||:||He has experience of the defence, banking, insurance, IT products and service industries, and with civil government.|
|Experience with Countries||:||Mike has experience working in the UK and continental Europe, North America and the Far East.|
|No. of Years Experience||:||He has 18 years experience in Information Security and Risk Assessment.|
|Clarification||:||Mike has assisted several risk assessment tool vendors to customise their products to cover ISO 17799 and meet the requirements of ISO 27001. He was a member of the c:cure scheme accreditation panel responsible for interviewing and approving BS 7799 auditors.|
|Email||:||Contact Mike Nash|
|Name||:||John Brooke BSc PhD|
|Key Skills||:||John has wide experience in many areas relating to the design, development, and operation of information systems, including usability evaluation and design, technical strategy and architecture, systems design, operational implementation, capacity and performance management, and business continuity planning. |
|Specialisation||:||Business continuity planning, technical strategy and architecture, software design, human factors.
|Additional Info||:||John has worked on projects in many countries in the areas of financial market data, content management systems, e-commerce, business process redesign, legacy systems integration, client-server systems and human factors. He has led international standards making in the areas of usability and ergonomics and is a recognised expert in his field.|
|Experience with Industries||:||Computer vendor, Financial services, Publishing and media, Industrial process control.
|Experience with Countries||:||Europe, USA, Canada, Africa|
|No. of Years Experience||:||35 years total experience.|
|Languages||:||English, some conversational French.|
|Email||:||Contact John Brooke|
|Name||:||Mark Blunden PhD.|
|Location||:||Based in Gloucestershire, available for project work across UK and Europe|
|Specialisation||:||Mark provides cryptography and information security consultancy and training. Technical skills include cryptographic protocols, authentication and identification techniques, cryptographic key management (including PKI), symmetric and public key encryption algorithms, digital signature schemes and data integrity techniques, and he is well versed with information security problems and solutions (including the policies and procedures necessary for the effective use of technical solutions), security standards (eg, EMV, SET, IPsec, TLS/SSL, DES, AES, DSS, SHA-1) and security evaluation schemes.|
|Additional Info||:||Has a PhD in cryptography from Royal Holloway, University of London, and a degree in mathematics. Previously held permanent positions as a cryptographer in the telecommunications and defence sectors. In 2001 formed a company offering cryptography and information security consultancy and training. |
|Clarification||:||Previous work has included: the design of the cryptographic aspects of several security products and the specification of the security supporting procedures; the design and analysis of encryption algorithms and cryptographic protocols; reviews of security products and techniques (eg, elliptic curve cryptography); the design and analysis of security and key management solutions; and cryptography research. Publications include: M. Blunden and A. Escott, 'Related Key Attacks on Reduced Round KASUMI', in the proceedings of Fast Software Encryption 2001, April 2-4, Yokohama, Japan.|
|Email||:||Contact Mark Blunden|