Originally broadcast on: Tuesday 2nd March 2021, 16:00 (GMT)

What is your InfoSec goal? Risk reduction or risk management?

In this episode of teissTalk we discussed:

  • If the goal of your information security programme is to manage risk, rather than reducing it, how do you demonstrate success?
  • How can InfoSec leaders support their organisations in determining a clear risk appetite
  • If you are managing risk well, is the additional cost to reduce risk necessary?

full episode replay


Jenny Radcliffe

Jenny Radcliffe, also known as “The People Hacker,” is a world renowned Social Engineer, hired to bypass security systems through a no-tech mixture of psychology, con-artistry, cunning and guile. 

Jenny is a sought after keynote speaker, panelist and moderator at major conferences and corporate events, both in-person and online,  is a  TEDX contributor and is host of her own multiple award winning podcast series.


Allan Alford


Allan is the Delivery CISO at NTT Data Services, formerly CISO at Mitel, Forcepoint and at Polycom. In his CISO roles Alford has managed enterprise security as well as compliance with various frameworks such as GDPR, NIST SP800-171 and ISO 27001.

With more than 30 years of IT and Engineering security experience, Allan has a strong product and cloud security background, having served at Pearson as Product Information Security Officer (PISO), supervising the security of a massive-scale company-wide cloud transformation program, and Polycom where he built and managed the product security program, integrating it fully into the business.

Vicki Gavin

Head of Information Security & Compliance
Kaplan International

Previously CISO at The Economist and Head of Business Continuity, Information Risk & Business Risk at Barclaycard, Vicki is considered an industry expert on Cyber Security. Vicki was awarded Cyber Security Woman of the Year, 2015 and Security Serious Unsung Hero Awards, Marathon (Wo)man, 2016.

She is often told her most valuable skill in this area is her ability to convey important information to senior business leaders in clear, understandable English, without resorting to industry jargon and meaningless acronyms. She passionately believes that security, privacy and continuity are business issues not IT issues and therefore need to be explained in terms business leaders understand.


Bridget Kenyon

Chief Information Security Officer – EMEA
Thales Digital Identity and Security

I am a highly motivated information security leader, experienced in strategy, planning, managing staff, running security reviews, designing policy, and handling security incidents.

My experience includes the greenfield development of Information Security Management Systems (based on ISO/IEC 27001), the initiation and project management of information security risk assessments, and the design and implementation of many awareness initiatives. I have competence in both the ‘soft’ and the ‘hard’ sides of IT and information security, including experience in network and system administration, policy and strategy development in the defence and education industries. I have the CISSP, CISM qualifications and am an Associate Member of the Institute of Information Security Professionals. I am also the editor for ISO/IEC 27014 (information security governance). Finally, I have been a QSA, qualified to assess companies against the Payment Card Industry Data Security Standard (PCI DSS).

My interests lie in the security of all types of systems, and the human aspects of system vulnerability. I’m the sort of person who will always have a foot in both the technical and strategy camps. I enjoy helping people to find solutions to thorny problems, and strongly believe that information security is fundamental to reliable business operations, not a ‘nice to have’.

Nick Martin

Consulting Director

Nick has more than 30 years of tech consulting and implementing experience. He leads a team of highly skilled consultants delivering technology and digital transformation projects that result in strategic improvements for clients across the public and private sector.  He believes that successful outcomes should result in the best and most secure user experience, better service delivery and transfer of knowledge to the client IT teams he works with.  

Copyright 2021, Lyonsdown Limited

23-29 Hendon Lane
London, N3 1RT
020 8349 4363
teiss® is a registered
trademark of Lyonsdown Ltd

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]