Cyber firm NCC hires EY’s Mike Maddison as CEO

Mike Maddison

Manchester-based cyber security and risk mitigation firm NCC Group announced the appointment of EY executive Mike Maddison as its new CEO following Adam Palser’s decision to step down after more than four and a half years in the role.

NCC also published a trading update in advance of its results for the year ended May 31, 2022, saying it expects revenues in the second half of the year to be substantially higher than both the prior year period and the first half on a constant currency basis.

On the CEO appointment, NCC said: Mike is currently head of EY’s cyber security, privacy, and trusted technology practice for EMEA, a role he has held since 2017.

“During that time Mike has successfully delivered strong growth across the 97 countries in the region and reinforced EY’s position as a leading cyber security adviser.

“Previously he led PwC’s risk services practice across the Middle East and before that was head of Deloitte’s cyber security consultancy in EMEA for ten years where he also drove significant growth.

“Mike will join the board on 1 August 2022.

“Adam will remain as CEO until mid-June and will remain available to support an orderly handover. In the 6-week interim period, Chris Stone, non-executive chair will become executive chair.”

Stone said: “On behalf of everyone at NCC Group, I would like to thank Adam for the enormous contribution he has made.

“He has managed an extremely successful turnaround in the business, professionalised it and brought it to a place where it has significant opportunity for future growth. We wish him every success in the future.

“Meanwhile I am delighted that someone with Mike’s knowledge of the cyber security markets and impressive track record has agreed to join us.

“With his skills I am confident that NCC Group will be able to build on the momentum it is already seeing across its markets, providing clients with the support and peerless technical knowledge they need in these enormously uncertain times.

“We are all very much looking forward to welcoming him and working with him.  It is good to be able to make this change whilst the business is growing so strongly.”

Palser said: “I have thoroughly enjoyed my time at NCC Group and leave safe in the knowledge that its prospects have been transformed over the past four and a half years.

“The group now has a great opportunity to grow by offering its unmatched skills to a blue-chip client base at a time when cyber risk has never been higher.”

Maddison said: “I would like to thank Chris and the board for this opportunity to lead NCC Group.

“Throughout my career as a cyber security specialist, I have always admired NCC Group for its enormous range of skills and experience.

“I am very much looking forward to working with my new colleagues and leading the ceaseless fight against cyber-crime.”

On current trading, NCC said: “The board expects revenues in the second half of the year to be substantially higher than both the prior year period and H1 on a constant currency basis, driven by the acquisition of IPM and accelerating assurance revenue growth through H2 FY22.

“Full year revenue and adjusted EBIT (subject to audit) are anticipated to be in line with management expectations.

The board expects that the increased momentum in revenues will continue into the forthcoming financial year (FY23) as a result of increased volumes and day rates …

The assurance division is performing strongly, particularly in North America and the UK.

“H2 revenue growth is expected to be c. 15% compared to 8.8% in H1 FY22 leading to an expected double-digit growth in revenues for the full year. 

“Revenue growth has arisen from increased volumes in our core business, progressive increases in day rates and our new growth offerings (including Sentinel and Remediation).

During April 2022, the group acquired the trade and assets of Adelard LLP (Adelard) for £3m.

“Adelard are assurance experts in high-value critical systems for national and industrial infrastructure and whose services are complimentary to the group …

“Our software resilience business (exc. IPM) is expected to return to revenue growth in H2 FY22.

IPM was acquired for c.$220m in June 2021 and the first year’s performance has been encouraging and in line with management expectations. 

“The integration of NCC Group’s existing resilience operations is significantly advanced with customers successfully migrated and our new colleagues welcomed into the combined team.

The group has recently started a full operational review of its combined software resilience division. 

“This review is expected to highlight opportunities to improve the group’s operating contribution through a number of management actions by an estimated £5m with the full benefit coming through in FY24.

“The group continues to maintain its strong cash management discipline with expected FY22 net debt (on a pre-IFRS 16 basis) to be in line with management expectations subject to the effects of foreign exchange on our existing US dollar borrowings.”

About the Author

Mark McSherry
Dalriada Media LLC sites are edited by veteran news journalist Mark McSherry, a former staff editor and reporter with Reuters, Bloomberg and major newspapers including the South China Morning Post, London's Sunday Times and The Scotsman. McSherry's journalism has also appeared in The Washington Post, The Guardian, The Independent, The New York Times, London's Evening Standard and Forbes. McSherry is also a professor of journalism and communication arts in universities and colleges in New York City. Scottish-born McSherry has an MBA from the University of Edinburgh and a Certificate in Global Affairs from New York University.