bootstrap button

John Leach Information Security

Helping companies quantify security risk and the things that go into creating security risk


I am a security consultant with 30 years experience helping blue chip companies address their cyber security needs. What makes my consultancy services different is the scientific approach I bring to my work. A physicist by training, I understand the underlying dynamics behind security risk and how to address security risk analytically.

I show clients how to quantify the threats they are under, the effectiveness of their controls, and the security risks they face. I design the tools and processes they need to calculate meaningful values for security risks and each of the components that go into creating risk – as opposed to assigning subjective ratings like H/M/L or scores out of 10. I build threat models, design actionable risk metrics, calculate RoIs for security proposals, and design risk dashboards for top management.

With the bespoke methods and tools I provide, my clients are able to make objectively informed risk management decisions and build security risk management practices grounded in sound analysis and hard data.

© Copyright 2017 JLIS Ltd - All Rights Reserved