Biography

John Leach has been an Information Risk and Security professional for more than 20 years. He has held senior positions in the security teams of a number of organisations, including NatWest Bank, and has led the security teams of a number of technically specialised security consultancies. In December 2002, he formed his own company, JLIS, to enable him to provide his unique brand of Information Security consultancy services independently.  This also allowed him to pursue research into a number of areas of special interest.  Most notable amongst these is his ground-breaking research into analytic techniques for modelling security risk, which led to the development of TBSE in 2003/04.

John Leach specialises in creating innovative solutions to difficult problems, bringing together his academic training and his long experience working with Blue Chip national and international organisations in the security field.  He also specialises in helping clients in their use of security data to create objective results and to improve their risk management decision making.  Much of his work has been on strategic projects that require the high levels of expertise, skill and reliability he brings.

John Leach has worked for clients across the public and private sectors, and in the UK, Europe, USA and Asia.  He has delivered numerous training courses and workshops for clients, and presented at public conferences on a wide variety of subjects.  He was an active member of the Management Committee for IAAC, the Information Assurance Advisory Council, from May 2002 to March 2011, and led IAAC's widely-acclaimed research programme from mid 2006 through June 2011.  (For copies of the reports John has developed for IAAC, please go to Articles and Papers.)  He is also a member of the International Board of Referees for Computers and Security and a peer reviewer for IEEE Security and Privacy.

To download a pdf version of John Leach's biography, please click here.

Return to Credentials.