Meet our VCISO - Andy Latham

With over 25 years of dedicated service in the realm of Information Technology, Andy brings a wealth of experience and expertise to the field of cybersecurity. Graduating with Honours in Computer Science in 2000, he embarked on a journey that saw him evolve from a Senior Software Engineer and Architect on SaaS platforms to a seasoned leader in Senior Management and then Technical Director (CTO) across multiple esteemed companies.

Throughout his career, Andy cultivated a deep understanding of IT and Cloud Infrastructure & Networking, Product Management, Research & Development, Information Security, and Incident Management with a specialisation in Agile delivery methodologies. Over a decade ago, he made the pivotal decision to transition into a specialized cybersecurity role, solidifying his position as a Chief Information Security Officer (CISO) and Global CISO across three distinguished organisations. Over the last ten years in both the UK and USA he has successfully helped each company significantly raise the bar of their security posture, completely overhaul the security culture and knowledge in the business, ensure new and existing SaaS cloud products that are taken to market have security controls baked in from the outset and also taken each of them through ISO27001 certification, GDPR compliance, UK Cyber Essentials and more recently PCI certification.

Andy’s commitment to excellence and dedication to advancing cybersecurity practices have been recognized by industry peers, earning him placement in the UK Top 30 CISOs for two consecutive years (here and here). As an advocate for best practices and regulatory compliance, he has extensive experience in ISO27001, GDPR, UK Cyber Essentials, and PCI standards, ensuring that organisations under his security leadership maintain the highest levels of security and compliance.

JandaSec VCISO - Andy Latham
JandaSec VCISO - Andy Latham

Andy has developed a unique management style to lead and inspire both those who he manages but also to foster important relationships across all areas of each business and importantly with his peers in senior management and Board members alike, ensuring that security is made a business priority and helping companies understand where and how they need to invest and then oversee and manage the successful realisation of those investments.

In his current capacity as a Virtual Chief Information Security Officer (vCISO), Andy offers executive leadership services on a fractional basis to clients seeking expert cybersecurity guidance without the need for a full-time CISO. By leveraging his extensive experience and strategic insights, organisations benefit from tailored cybersecurity strategies, risk mitigation, compliance adherence, and incident response planning.

Partnering with Andy as your vCISO ensures access to seasoned cybersecurity leadership without the overhead costs associated with a full-time executive position. Together, you can fortify your organisation’s defences, safeguard sensitive data, and navigate the complex landscape of modern cyber threats with confidence.

Elevate your cybersecurity posture today with the expertise of a seasoned virtual CISO. Let’s collaborate to protect what matters most to your organisation.