Our People

Our Directors

Mike Hughes 
ChCSP, CISA, CISM, CGEIT, CRISC, CDPSE, MIoD

Mike has a wide range of experience gained through roles both within mainstream IT and over 30 years in consultancy with KPMG, and the evolvement of 123 Consultants through HW GRC to Prism RA. During his time with KPMG, Mike held a number of senior roles, including: leading the Midlands Governance & Compliance practice; leading the Midlands Information Security team; and the UK service line lead for IT external audit.
  • Show More

    Mike also play a leadership role with ISACA, both at the Local and International levels. Mike has served on the Board of the local Central UK Chapter since its formation. Mike has also held a number of International roles, including: a term as an ISACA International Board Director, Finance Committee, GDPR Working Group and currently the Information & Technology Advisory Group. 


    Currently Mike is leading on ISACA’s activities with the Cyber Security Alliance, a group of the UK’s cyber security related bodies. The Alliance’s work includes establishing the UK’s Cyber Security Council, on behalf of the UK’s Government. 


    Mike is also a Non-Executive Director of CyberQ Group, an innovative and award winning cyber security services provider. He is also a member of Cyber Advisory Boards for Cranfield and Aston Universities and a member of the UK's Institute of Directors (MIoD).

Russ Forty CISA

Russ has over 18 years experience within the IT industry, covering: Service Delivery (including the integration and support of a Service Management tool); Change and Release Management; Data Centre Management; and IT Operations. The skills and experience honed in these areas have helped Russ to deliver a wide range of technology and cyber related assurance and advisory services. 
  • Show More

    Russ is a Certified Information Systems Auditor and a member of ISACA Central UK. Russ is also a member of ISACA Central UK’s Information Governance and Cyber Security Special Interest Groups. Russ has spoken on a number occasions at ISACA events, particular on the topics of Change Management, Service Management, ITIL and auditing of cyber security. 


    Russ is also Prism’s Chief Technical Officer, leading the development of Prism’s GRC solution.

The Advisory Board

Prism’s Advisory Board brings together a wealth of experience, all subject matter experts in their area of expertise. This will ensure that Prism brings the most up to date thinking to help out clients achieve business success

Steve Connors MBA, FFA, CISM

Director Validera

Steve has over 30 years experience in both industry and practice. Steve is a highly experienced consultant, accountant and auditor with specialist expertise in IT/IS strategy and systems. He joined Haines Watts in 1995 to set up the Information Systems and Computer Audit function. In 1997 he transferred to the GRC operation to develop integrated systems & computer audit and fraud programmes specifically for the firms larger clients, both Public and Private Sector. 
  • Show More

    He has extensive knowledge of all aspects of information security management, risk management, corporate governance, IT system and strategies. He has also written papers on the legal aspects of computer evidence, and presented at national and international conferences. 

Chris Woods 
CEO CyberQ Group

Chris has over 20 years of practical and architectural experience within Information Security having worked across a broad spectrum of roles and responsibilities for start-ups and Multinational corporations.
  • Show More

    Having learnt his trade with the likes of HP and Fujitsu, including holding Director roles, Chris established CyberQ in 2016, Chris has extensive senior and director level experience of strategic planning, security business case creation, architectural evolution, business analysis, specification/requirements, Pre-sales, design and security testing of £multi-million business critical Communication and Information Technology solutions.


    Specialties: Security Operations Center, Cyber Architect, Big Data, Cyber Machine Learning, Public Speaking, Press Interviews, Managed Security Services, Advanced Security Operations Centre, Blogging, Presentations, Education. Cyber Warfare

Keith Hayes CISM

Experienced CISO

Keith is a cyber and Information Security professional with an established reputation as a highly skilled communicator, author and key note speaker, with the knack of being able to communicate the nuances of cyber security in to business risk terms, so business management “get it”.
Keith has held a number of global security roles, including:
  • Show More
    • IBM
    • Dixons Carphone 
    • Siemens Communications
    • Merrill Lynch
    • IMI Engineering

    Keith has also:

    contributing to standards

    Led a major revision to credit card security standards (PCI DSS) ensuring relevance to the business, not tech.

    Major contributor to the UK Dept. of Business, Energy and Industrial Strategy (BEIS) paper on Smart Devices.

    Significant contributor to IAAC working groups.

    Contributor to the Royal Academy of Engineers paper: “Valuing the Information Asset for UK Businesses”.

    Gold Member of ISACA

    Member of ISACA’s specialist interest groups for Cyber Security and Information Governance.

    Collaboration with West Midlands Cyber Crime Unit (ROCU) to deliver cyber training to business leaders.

    Voluntary training schemes for children and young adults in regard to privacy online.