Stephen Mash

Based in a quiet rural corner of West Sussex, England, Stephen has worked as a freelance technology writer since 2018, following a successful career as an information security and systems assurance consultant. He specializes in producing content around cybersecurity practices, data protection, personal privacy, and data encryption. He is a Member of the Institution of Engineering and Technology.

Stephen's journey started when he graduated in 1988 with a B.Eng. Honors degree in Electrical and Electronic Engineering from Hatfield Polytechnic. He started his working career as a software engineer, working in the avionics industry developing safety-critical software-based systems for US and European manufacturers. This career path then led through systems integration to providing independent assessment and risk management services for high integrity systems across the defense, aerospace, and automotive sectors as part of the governance process for regulatory authorities. He then went on to work at a cybersecurity consultancy where he brought together the security and safety risk assessment techniques into an integrated methodology for technical risk management. With the expanding market for cybersecurity services, Stephen transitioned these skills to information security review and auditing. He is a certified ISO/IEC 27001 Lead Auditor and has helped many clients achieve certification to this international standard.

This experience then led to a move back into the commercial industry as the joint founder and owner of a successful risk management consultancy company. His work through this business focused on performing technical security risk assessments, information assurance audits, and data privacy compliance reviews. Clients ranged from small businesses, large multinational corporations, and government departments. As well as running the business, Stephen was involved in many exciting ventures. From setting up and running a data forensics service embedded inside a law enforcement facility to performing corporate risk governance for a high-profile organization at the forefront of using enterprise risk management to replace the traditional accreditation approach.

Stephen is now putting this practical experience to use as a freelance writer, producing content that draws upon his real-world experience. This has enabled him to achieve his personal goal of running a business with net-zero greenhouse gas emissions, powered using 100% renewable energy sources. He maintains a keen interest in cybersecurity events and emerging trends, providing services to several security consultancy companies in the UK and mainland Europe. He has a personal interest in safeguarding personal data and protecting privacy in the internet-dependent world where personal information has become a traded commodity.