Lou turned his attention to aerospace, defence and security upon retirement from active military service in 1999 and boasts more than 40 years experience in business, public service and security.

Lou held positions at Ernst & Young, Capgemini, Serco, CSC and Fujitsu, contributing to major growth and supporting major new bids into government before joining Stratia Cyber in 2016.

On top of this, his experience includes consulting as an independent and spending time in-house at a number of small to medium sized IT firms.

Paul is a founding Director of Stratia Cyber and an experienced Risk Management and Security Architect, highly respected for his excellent technical, communication and leadership skills, and his commitment to supporting Government and Commercial systems projects. Prior to joining the world of consultancy, Paul held roles including Sensors Engineers in the Royal Navy, Operational and Computer Network Defence Manager for MOD DII systems, Lead Security Architect at HM Coastguard, Desktop Accreditor for Top Secret systems and Security Assurance Manager for GCHQ.

Memberships and certifications

Paul is a CCSC Head Consultant and is a Lead CESG Certified Cyber Professional Security and Information Risk Advisor, a Certified IT Professional member of the British Computer Society, a Certified Information Systems Auditor and a member of the Institute of System Engineers. Paul is also a ISC2 Certified Cloud Security Professional CCSP.

Paul is a founding director of Stratia Cyber and specialises in managing information risk at a corporate level, advising SIROs/CIOs and corporate boards on proportionate and cost-effective risk management solutions. Paul is one of the few security consultants in the UK who is certified at the highest level - Lead Practitioner - under the CESG Certified Professional (CCP) scheme, specifically in the Security and Information Risk Advisor (SIRA) role, also appointed as one of the first Head Consultants in the CESG Certified Cyber Security Consultancy scheme. 

Paul has more than 15 years’ experience in the information security industry as well as non-executive director experience in audit, risk management and governance roles.

Paul’s background also includes audit committee roles for Cheltenham Borough Council and the Local Government Association with responsibility for overseeing million-pound budgets as well as risk management procedures.

Memberships and certifications

Paul was a founder member of the Institute of Information Security Professionals, now the Chartered Institute of Information Security (CIISec), and was elected a Fellow of CIISec in 2021. He is also a Fellow of the Institute of Engineering of Technology and a Chartered Engineer. 

Jason is a founding director of Stratia Cyber. Jason has extensive experience of business assurance, information risk management, security architecture and technical security assessments, combined with rich sector-specific knowledge and experience across government, defence and critical infrastructure sectors including energy and utilities (UK civil nuclear and power generation and transmission), telecommunications, finance, and emergency and health services.

Previously deployed to UK Government departments and agencies including the UK Ministry of Defence, Paul’s career history spans National Grid, EDF and British Energy, the Metropolitan Police Service, Cisco Systems, France Telecom, the BBC and Deutsche Bank.

Memberships and certifications

Jason is a Lead CCP Security and Information Risk Advisor (SIRA) and a Lead CCP Information Architect (IAA), a Lead ISO27001 Lead Implementer, a former CREST Registered Specialist (CRT/CCIAS/CCTRA), a Chartered IT Professional (CITP), a Member of the British Computer Society (MBCS) and a Member of the Institution of Engineering and Technology (MIET) and a Full and Founder Member of the Institute of Information Security Professionals (MinstISP).

Jason is also a Certified SCADA Security Architect (CSSA) with a working knowledge of IEC61850, IEC62443 and the NERC CIP standards applied in multinational, multi-utility organisations, to prepare and respond to cyber security incidents across UK and North American energy networks.