We are a team of qualified and globally experienced Cyber and Information Security specialists
Cyber Security requires experience and qualifications.
Our experience spans British Intelligence, UK Central Government, Law Enforcement, FTSE100 and global financial services as well as Big-4 Consulting and Regulation. Together with our globally recognised qualifications described below, we cover Cyber Security, IT, Finance, HR, Risk and Governance.
We are truly passionate about Cyber Security and our impartiality, with a focus on quality support for our clients.
Cyber and Information Security requires aligned controls across People, Operations and Technology, which is why we think much wider than just IT.
When clients engage us to support them, they are getting the knowledge, experience and qualifications of not just one Cyber Security specialist but an entire team of experts who think about Cyber Security all day, every day.
Tony Cleal
Managing Director. Principal Cyber and Information Security Advisor
Threat Intelligence, National Security, Resilience and Strategic Lead
Tony is former British Intelligence having worked for the UK National Cyber Security Centre (NCSC), part of GCHQ, and with the Centre for the Protection of National Infrastructure (CPNI) to protect UK critical infrastructure against attacks from nation states, terrorists and criminal groups. Whilst working for the Security Services, Tony also led on two National Protect Law Enforcement operations with the UK National Crime Agency (NCA) to disrupt organised cyber criminal groups operating via the UK.
Prior to this Tony spent 16 years working in IT in the Offshore Financial Service industry, working in the Channel Islands, the Isle of Man, Switzerland, Luxembourg, Liechtenstein, the US, Canada and across the Caribbean. Before moving back to Guernsey from London in 2018, Tony deepened his experience in financial services through his role as Infrastructure Security Manager for M&G Prudential, a UK FTSE100 financial services company with 27,000 staff and $321 billion worth of assets under management.
Tony led the successful cyber security thematic review in Guernsey for the GFSC in 2018/2019. This included on site meetings 40 different firms and conducting interviews with nearly 160 individuals across Board members, IT, Compliance and Risk to assess their cyber security capability and maturity, and to see how their practices aligned against internationally agreed standards. The review culminated in the presentation of findings to all regulated and registered firms, and provided the basis for revised rules based policies around cyber management as a key operational risk to regulated firms.
Given his ability to marry his insights from years in British Intelligence and UK Central Government, the financial services industry and insights from the GFSC thematic review, Tony is uniquely placed to guide firms and private clients on safeguarding their operations and assets, and in evidencing compliance with applicable regulatory requirements.
Professional Qualifications
(ISC)2 CISSP - Certified Information Systems Security Professional
(ISC)2 SSCP - Security Systems Certified Practitioner
ISACA CISA - Certified Information Systems Auditor
ISACA CISM - Certified Information Security Manager
GIAC GCIH - GIAC Certified Incident Handler
James Martel
Technical Director. Principal Cyber and Information Security Advisor
Technical, Policy and Controls Lead
James is our resident IT Infrastructure and Cloud technology expert. With over 35+ Microsoft certifications, He works to bridge the gap between business leadership and their technology providers as well as guiding technical teams in securing a number of other associated technologies.
James’ expertise in cyber security comes from designing, deploying and maintaining the technology infrastructures used by organisations across various jurisdictions and industries. His strategic and practical experience of enterprise-level infrastructure includes work in the European Parliament, Channel Islands governments, financial services and professional services in audit, law and more. These skills are especially valuable when considering the practical application of information security and the efficacy of technical controls.
Prior to Black Arrow, James managed his own Infrastructure consultancy where he worked with a wide variety of clients for over 12 years, including in partnership with the prominent technology solution providers in the Channel Islands. He was also Head of IT Security for a leading multi-national Private Bank. This broad experience enables James to leverage his real-world industry contacts when supporting clients in managing their cyber security risk profile, including in his engagements as Trusted Advisor for enterprises across the Channel Islands.
Professional Qualifications
Certified for the design, implementation and management of global leading products for cyber security, data centre and cloud technologies including Hewlett Packard Enterprise, Tenable, Splunk, CyberArk and Intel (McAfee) Security
MCSE - Microsoft Certified Solutions Expert
MCITP - Microsoft Certified IT Professional
MCSA - Microsoft Certified Solutions Associate
MCTS - Microsoft Certified Technology Specialist
MCBMSS - Microsoft Certified Business Management Solutions Specialist
MCP - Microsoft Certified Professional
CompTIA Server+
Bruce McDougall
Governance Director. Principal Cyber and Information Security Advisor
Cyber Risk, Governance and Compliance Lead
Bruce leads our work on Cyber Security Governance, helping clients to understand and manage their Cyber risks in line with leading practice. At Black Arrow, we firmly believe that Cyber Security requires the aligned controls across People, Operations and Technology underpinned by Governance by the Board. Bruce has experience in all those areas, but he is particularly passionate about Governance because without that, the rest can fall apart.
Bruce has several leading qualifications in Cyber Security, as well as in HR and Finance. He qualified as a Chartered Accountant with EY before enjoying a career in management consulting and project management, during which time he extended into HR consulting. Later, his Finance and HR careers merged when he was responsible for governance and financial management for the regional HR teams in HSBC before moving into Cyber Security. Bruce has a masters degree in HR and is Chair of the Guernsey branch of the Chartered Institute of Personnel and Development (CIPD); he is the Guernsey Vice-Chair of the Channel Islands Information Security Forum (CIISF).
Experience is vitally important in Cyber Security because it is a complex subject. In his previous role as Head of Cyber Security Governance, Metrics and Reporting at HSBC, Bruce designed and reported to the Group Board in London and Hong Kong on key metrics and papers on the maturity of Cyber Security for all countries and around a quarter of a million employees.
Professional Qualifications
Cyber Security:
ISACA CISA - Certified Information Systems Auditor
ISACA CISM - Certified Information Security Manager
ISACA CRISC - Certified Risk and Information Systems Control
Finance:
ICAS - Institute of Chartered Accountants of Scotland
Bachelor of Accountancy, University of Glasgow
Human Resources:
MSc HR - London South Bank University
MCIPD - Chartered Member, Chartered Institute of Personnel and Development