Who we are

David Ferbrache, Managing Director

David is an award-winning UK national cyber security expert and the Managing Director of Beyond Blue with over 25 years of cyber and information security expertise.

David is the chair of the Scottish National Cyber Resilience Board overseeing and challenging the implementation of the Scottish National Cyber Resilience strategy. For his services to national security post 9-11, David was awarded an OBE and in 2018 was awarded personality of the year in the cyber security awards.

Read more about David

Prior to founding Beyond Blue, David spent 6 years at KPMG working with global clients in the financial sector, government, pharmaceuticals, telecoms, oil and natural gas to advise on high end cyber threats and the cyber threat landscape, running cyber exercises and advising on the optimal mix of security controls. David supports KPMG as their Global Head of Cyber Futures where he leads the global innovation agenda on cyber, as well as working with KPMG’s largest global clients.

Throughout his career, David has advised CISO teams on the development of cyber security strategies and transformation programmes and has overseen high end red teaming and attack simulations to validate security across a broad range of sectors. He continues to work closely with a range of financial sector clients to develop their approach to operational resilience, to review the integrity of their critical business processes, and to assess potential attack scenarios against those processes including criminal exploitation, IT disruption and insider threats.

David started his career in the public sector and before moving into consulting, was the Head of Cyber and Space for the Ministry of Defence in the UK. During his career he has worked with key international allies, created and delivered the Defence Cyber Security Programme, set up MOD’s first penetration testing team, ran the first ever UK-US cyber wargame, and carried out the first national infrastructure cyber security review.

Key Facts

  • Over 25 years of experience in cyber security
  • Awarded an OBE for his services to national security post 9-11
  • David has both breadth and depth of knowledge in all areas of cyber security and resilience

Connect with David ›

Paul Taylor, Chair

Paul has over 30 years of experience leading the delivery of some of the most demanding national security programmes in the UK, operating at the very highest levels of government.

As a result, he is uniquely qualified to understand the evolving threat environment, as well as having an exceptional track record of driving and delivering change in complex organisations. Paul’s contribution to the world of science and technology was recognised by his election as a Fellow of the Royal Academy of Engineering in 2013, where he now sits on the UK’s Engineering Policy Committee. Paul also chairs the Advisory Board of the Imperial College Institute of Security Science and Technology.

Read more about Paul

In 2020 Paul was appointed as a Technology focused Non-Executive Director for a global investment bank and sits on a several Board Risk Committee Advisory Panels for national and international financial institutions.

Prior to joining Beyond Blue, Paul was the Cyber Head of Financial Services for KPMG where he advised and exercised national and global retail and investment banks, investment managers and global technology companies, at board and senior management level, helping to address their cyber and information protection challenges.

Before consulting, Paul spent over 25 years in the public sector working for AWE plc, the UK Ministry of Defence, and the UK Government on matters of defence, nuclear deterrence, technology and information security.

Key Facts

  • Over 30 years of experience in national security
  • Fellow of the Royal Academy of Engineering and sits on the UK’s Engineering Policy Committee
  • Specialises in engaging with the Board and Executive Committee

Alicia Waite, Associate Director

Alicia is a skilled and accomplished cyber resilience professional who specialises in advising on operational resilience and preparing and assisting clients in their response to and recovery from Cyber crises.

Prior to joining Beyond Blue, her most recent role has seen her assist Executive Committees of global organisations respond to and recover from significant cyber crises including ransomware and data breaches. She has helped senior leadership understand the unique attributes of a cyber crisis and advising on their internal and external communication strategies and approach to operational recovery.

Read more about Alicia

Alicia has experience in a variety of industries including technology, manufacturing, energy, and retail, but most of her experience and interest is in financial services. Alicia has helped deliver cyber, privacy and operational resilience programmes for global banks, insurers and investment managers and advised and exercised Boards and senior management on cyber and technology crisis response and recovery.

Alicia has been seconded to clients to help deliver a regulatory cyber transformation programme, focusing on target operating model and employee training and awareness and a GDPR implementation programme focusing on data mapping and identifying critical data points. In response to the increasing threat against critical national infrastructure and industrial control systems, Alicia assisted a global oil and gas company in an innovative 4 year programme to identify and protect their critical assets whilst maturing their response and recovery capability in the event of a catastrophic cyber event.

Key Facts

  • Experienced in helping global organisations respond to and recover from significant cyber crises including ransomware and data breaches
  • Varied industry coverage such as financial services, energy, retail and manufacturing

Connect with Alicia ›

John Hermans, Senior Advisor

John has worked on over 150 national and international cyber security projects in the last xx years across a variety of industry sectors, such as financial services, energy, telecommunications, retail and government, and is considered as one of the leaders in his field of expertise.

John has helped clients develop, define, and implement cyber security strategies, building the required business cases for Executive and Supervisory Boards. He has led projects in governance, risk and compliance and risk management and quantification.

Read more about John

In addition to cyber security, John has delivered and advised on a range of cloud computing initiatives in both the private and public sector with a focus on advising and supporting clients in developing, defining and implementing their cloud computing strategy as well as advising on cloud security and assurance.

Prior to joining Beyond Blue as a senior advisor, John was a senior partner in KPMG Netherlands and a member of their global cyber security leadership team.

Key Facts

  • Experience in delivering cloud computing and cyber security programmes with over 150 cyber security projects under his belt
  • Worked for clients across Europe and one of the leaders in his field

Connect with John ›