Peter Berry

About Peter

Compliance & Security Manager | Data Protection Practitioner | Lead Auditor

Peter is a seasoned Risk and Compliance professional with a career spanning three decades of evolution in the UK’s most highly regulated industries. With a foundation built in hospitality and customer experience, Peter brings a unique, people-centric lens to the technical worlds of Information Security, Data Protection, and Regulatory Frameworks.

Professional Evolution & Expertise

Peter’s career is defined by his ability to navigate pivotal industry shifts. From managing reward schemes at Virgin Media to shaping customer experience during the pioneer days of renewable energy at Ecotricity, he transitioned into high-stakes compliance at RWE Npower and Good Energy. He later moved into the heavy industrial sector, managing security and operational integrity for CCGT power stations under the Network Infrastructure Security Directive (NISD).

Currently, Peter serves as the Compliance & Security Manager for Lifecycle Software (a Lumine Group company), directing adherence to OFCOM standards and the Telecommunications Security Act. Through his consultancy, Elmar Risk Management, he provides strategic oversight for organisations like Severn Power Limited, Sevenoaks Hockey Club and Alt HAN Co, achieving and maintaining ISO 27001, ISO 45001, and Cyber Essentials certifications.

Education & Credentials

Peter is a qualified Data Protection Practitioner (PC.dp) and an ISO Lead Auditor for Information Security and Occupational Health & Safety management systems. He is currently progressing through the Regulatory Compliance Officer Level 4 qualification to further solidify his expertise in UK regulatory frameworks.

Top 3 things Peter can help with

Many small to medium businesses know they need to be "compliant" but don’t know where to start or which framework (ISO 27001, GDPR, or Cyber Essentials) takes priority. 

During a short conversation I can review the current business model and provide a prioritised roadmap. The outcome will provide the attendee with a clear "Top 3" list of which regulations apply to them and which certification they should pursue first to protect their specific type of data.

Organisations often collect and store more data than they realise and ultimately need creating a significant risk. 

Using my experience working with corporates, SME’s, charities and Not for Profit organisations I can help you identify inefficiencies in the data lifecycle. The outcome from a discussion will identifying at least two areas which can immediately reduce the data footprint, lowering both risk of a breach and storage costs.

Moving from "we think we’re secure" to "we are ISO 27001 certified" feels like a mountain to climb, especially with increasing cyber & security risks. 

I can help perform a micro-gap analysis on your existing processes. This will help understand the "Information Security Management System" approach, identifying the current security baseline, combining security and operational standards into one manageable flow.