About Us

Mustard Research was founded in 1993 by Dave Marsh — a cyber security entrepreneur with over 40 years of experience across engineering, cryptography and senior consulting.

Our story

Dave Marsh began his career as a VMS software engineer at Digital Equipment Corporation, developing network and operating system software and, later, custom electronics before moving into cyber security consulting in the early 1990s. He founded Mustard Research in 1993.

Over three decades, Mustard Research has delivered major cyber security programmes for global financial institutions, energy companies and well-known UK retailers — including HSBC, BP, Mitsubishi UFJ Financial Group, Diageo and Sainsbury's.

We are a senior, specialist practice. Dave leads every engagement personally, bringing PCI DSS QSA, CISM and ISO 27001 Lead Auditor credentials alongside rare depth in cryptographic security, payment systems and technical security auditing.

1993
Founded
30+
Years in practice
3
Industry certifications
UK & US
Operations

Mustard Research USA

An integrated US practice

Mustard Research operates a US corporate entity led by Neil Holzman as President. The US practice works closely with clients seeking integrated management of their B2B merchant payment processing needs.

Neil also manages PCI assessment and certification activities for companies looking to solve PCI certification challenges — regardless of their processor affiliations.

Mustard Research USA offers the full set of cyber security programmes and engagement opportunities provided at our London office.

Neil Holzman
President, Mustard Research USA

Focus areas

  • B2B Merchant Payment Processing
  • PCI assessment & certification
  • Full cyber security portfolio (UK & US)

Qualifications & certifications

The credentials behind the work — built over a career spanning engineering, cryptography and cyber security.

1

PCI DSS QSA

Qualified Security Assessor — the gold standard for payment card security compliance.

2

CISM

Certified Information Security Manager from ISACA.

3

ISO 27001 Lead Auditor

Qualified to lead ISO 27001 information security management system audits.

4

BSc Computer Science (1st)

First class honours degree from Portsmouth University, 1984.

Career history

A track record built across the world's leading financial institutions, retailers and critical infrastructure.

1993 – Present
Founder & CEO
Mustard Research Limited

Major cyber security contracts with HSBC, BP, MUFG, Diageo and others. Designed and built HSBC direct connect payments (Hexagon ABC) and a cryptographic security layer for BP Treasury's global payment protection (BIPS). Also built secure BACSTEL-IP gateways for the UK bank transfer infrastructure (BACS) and a secure platform for the ABN AMRO home banking system.

2011 – Present
Senior QSA
Blackfoot UK Limited

Optimal PCI compliance solutions for major UK high street retailers including Sainsbury's. Conducted fraud and breach investigations and performed risk assessments.

1999 – 2007
Security Consultant
Corporate Computer Consultants Limited

Technical audits on critical systems for Euroclear.

1992 – 1998
Security Consultant
Zergo Consultants

Created an operating system for cryptographic solutions using Hardware Security Modules (HSM). Engineered the cryptographic security layer at the core of the ABN AMRO home banking system.

Sectors we serve

Experience across the industries where cyber security matters most.

Financial Services Banking & Payments Retail Energy Food & Beverage Sport & Entertainment Clearing & Settlement Professional Services

Work with us

We'd welcome the chance to understand your organisation's challenges and explain how we can help.

Get in touch