Synovum was formed with the intention to provide high quality cyber security consultancy, training, and end-to-end solution delivery to clients in all sectors of industry.
Although based in London, assignments have been carried out in multiple UK and worldwide locations (Afghanistan, Belgium, British Virgin Islands, Cyprus, Falkland Islands, France, Germany, Kosovo, Kuwait, Lebanon, Republic of North Macedonia).
Synovum is a member of several industry organisations, has a number of VAR/MSP agreements with a number of specialist vendors (Sophos, Proofpoint and Acronis) and actively supports fundraising efforts for several charities, including Cancer Research UK, the Stroke Association, Combat Stress and Help for Heroes.
Synovum is a supporter of the Department of International Trade initiative to encourage overseas exports and is a registered exporter.
Synovum has gained the Cyber Essentials Certification and has achieved the Gold level of compliance to the IASME Governance Standard. As a Certifying Body for IASME, Synovum can conduct Cyber Essentials, IASME Standard/GDPR readiness and Cyber Essentials Plus assessments and certification.
Andrew J Humphrys
Founder and Principal
An experienced project/programme manager, instructor/trainer and cyber security consultant, Andy has worked with clients in both public and private sectors of industry, in addition to the charity sector. He is experienced in leading teams of varying sizes including those based in multiple national and international locations.
Whilst serving with the Reserve Forces (Army), Andy gained extensive experience into the culture and working practices adopted by the military, which has proved invaluable when working both with them and other areas within the public sector and has helped to instil a 'can-do' proactive attitude to problem solving and reaching objectives.
Initiatives managed have included major infrastructure implementations and data migrations in multiple operational NATO environments, in addition to a variety of information and cyber security initiatives:
Scoping, management and subsequent remediation of vulnerability assessments & CHECK penetration tests
LogRhythm SIEM implementation
Symantec endpoint protection
Aruba network access control
McAfee data loss prevention
Forcepoint secure web proxy
Advice has been provided to clients regarding best-practice approaches in areas including basic cyber-hygiene, use of encryption, and implementation of onsite/offsite backup solutions to ensure the confidentiality, integrity and availability of data. In addition, guidance has been provided in the design of security awareness programmes.
An MSc in Information Security (GCHQ certified course) was awarded from Royal Holloway, University of London in 2016, with a supporting thesis examining human factors in information security. Additional industry certifications are held in the form of Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and Certified Ethical Hacker (CEH), together with ISO-27001 Lead Auditor and Implementer and a Masters Level Certification in Social Engineering.
The combination of both technical and managerial qualifications, in addition to the practical experience of working in both IT and information/cyber security with both public and private sector organisations over a period of over 20 years, has provided an exceptional foundation of knowledge, skills and experience in many areas.
In addition, Andy has carried out a number of speaking engagements at Security based events, including a presentation at the London 'Risk, Security and Compliance' conference in July 2016 on the area of social engineering and why current training methods will not solve this massive challenge.
As a Freeman in the Worshipful Company of Information Technologists and member of several panels (Pro Bono & Projects, Government, Information Security). pro-bono consultancy best-practice advice has been provided to a number of London-based charities in areas of cyber security.