NCC hires three Bank of England cyber experts to beef up assurance business

Intros CENTA - that new money smell

Three of the Bank of England’s cyber specialists have joined NCC Group to lead a newly established threat assurance unit at the UK-based security consultancy firm.

In their new roles within NCC’s new Centre for Evolved Next-generation Threat Assurance (CENTA), Phillip Larbey, Anthony Long and Fiona Paterson will be advising governments, regulators and regulated institutions on cyber resilience and best practice. Larbey, former head of sector for the Bank of England’s cyber functions, has been appointed as associate director of NCC Group and managing principal of CENTA.

Larbey’s role will include leading a team that advises clients such as foreign central banks and institutions on risk management, cyber resilience and complying with regulatory frameworks.

Paterson led on cyber resilience policy at the Bank of England for the last two years, a job that involved developing a close working knowledge of the threat landscape, as well as cyber capabilities for government agencies.

Long previously led for the design, delivery and continued development of the CBEST testing programme across retail, international banks and the insurance market.

CENTA will provide a global advisory service, assisting relevant institutions with the “preparation, design, implementation and support” of cyber resilience and evolved security testing regulatory regimes. It will also offer staff training, testing project management, analysis of root-causes and assistance with correction and remediation, as well as providing ongoing, regulator-standard reviews and security audits.

Larbey, associate director of NCC Group and managing principal of CENTA, said: “We will be working in alignment with the geo-political forums to advise on and support government departments, central banks, regulators and other institutions in upholding the highest of standards when it comes to cyber risk management and the continued compliance with regulatory frameworks.”

The appointments are a tonic for NCC Group, which has gone through a turbulent year financially that resulted in profit warnings following the cancellation of three hefty contracts and the postponement of a fourth.

Earnings before income tax, depreciation and amortisation at NCC Group came out at £27.6m in 2017 compared to £39.7m last year and the £45.5m initially forecast for FY2016/17. A slowdown in the assurance division was blamed for the shortfall which resulted in losses of £53.4m in the year to 31 May 2017 compared to profits of £11.4m in previous year (financial statement, pdf).

NCC offers cybersecurity consulting and managed security services as well as software escrow and verification services.

Ben Jepson, director for risk management and governance at NCC Group, said: “Governments and regulators are some of the most at-risk and highly regulated institutions, and we created CENTA to offer a dedicated advisory practice to help enhance their resilience to cyber threats. Phillip, Anthony and Fiona each bring with them unrivalled expertise and a broad network of contacts, which will be invaluable in achieving our mission of raising security standards worldwide.” ®


Biting the hand that feeds IT © 1998–2017