About Code in Motion

Sam Glynn

Hi, I am Sam Glynn, the founder and lead consultant in Code in Motion.

After 15 years as an in-house IT manager in various parts of Bank of Ireland Group, I established Code in Motion in 2012 to provide independent and pragmatic advice on IT & cyber security risk management, enabling my clients to manage IT and cyber security without losing their sanity.

For 25 years, I have been helping regulated financial services firms to ensure they have appropriate cyber security measures in place. Over the last 10 years, my work has increasingly involved assessments of my clients’ third parties – e.g. SaaS providers, IT MSPs, outsourced partners, professional service providers – to ensure they were also managing cyber security appropriately. (Yep, I am one of those people who once developed a 300-question cyber security questionnaire. A true work of art..)

As regulations became more onerous and my clients’ expectations increased, I could see many third parties were really struggling to keep up.


Let’s go back to 2005

When I worked as an IT Manager many years ago, I remember numerous failed approval requests to deploy new innovative solutions that would address significant business problems. 

Why the struggle?

  • It took me many years to realise that while the third party and I always focused on the quality of their solution or service, my colleagues in Procurement and IT Risk Management focused on the risks of allowing a new third party in the door.
  • While the solutions were always fantastic, the third parties providing the solutions struggled to demonstrate that they were not significant risks to my employer.

And the problem is only getting worse.

  • Regulated firms are subject to increasingly onerous regulations and laws which require them to perform detailed due diligence on third parties before any contracts are signed.
  • And I know from experience that many service providers are finding it increasingly difficult to get through this due diligence.

Yet it’s the same old problem.

  • As a service provider, you may get a ‘yes’ from the person in the organisation whose problem you solve, but you may get a very slow ‘no’ from the Procurement / Vendor Management / IT Risk Management teams in that same organisation.
  • You think you are a solution. But they think you are a risk.
  • You may focus on delivering excellent service or developing fantastic solutions, but you now need to ensure your security aligns to the cyber security expectations of your ever-larger and more sophisticated prospects.
  • Until you get this done, you may struggle to convert interested prospects into paying clients.

The mission (because we all have a mission, right?)

To help service providers to improve their cyber security, so they can get on with securing new deals.

Code in Motion does this by enabling service providers (e.g. IT MSPs; SaaS solution providers; system integrators; business consultants; professional services firms) to:

  1. Understand the expectations of their prospects and their prospects’ regulators.
  2. Align their security controls to these expectations (and ideally, exceed these expectations).
  3. Communicate the strength of these security controls when responding to prospects’ due diligence questionnaires.


What clients say (and not just because there was a gun held to their head)

Sam is really easy to work with. He is highly organised with good clear communication. He always uses plain English, and avoids IT-speak!! The structure he brought to the process made it much easier for us to go through this – It brought real clarity to our current situation and the steps required to get to where we want to be. Sam’s pragmatism is also very refreshing – Too many IT / Cyber Consultants that I have encountered in the past just pushed the party line and did not consider the audience or organisational situation that they were dealing with. It is great that Sam was always on our wavelength in terms of identifying what is practical/possible, given the size and capability of our organisation and the needs of our clients.
Rebecca McGee, Head of IT & Brand

Xcentuate partners with customers in the Financial Services, Agri, Pharma and Public sectors in EMEA and Asia-Pacific to transform their business operations. We know it is critical to get cyber security right so we can protect our customers and our business. We asked Sam to guide us.

From Day 1, I knew we had made the right decision. Step-by-step and always through plain English, Sam showed us how we could get from where we were to where we needed to be. His recommendations were always pragmatic and well-grounded. Every action was understandable,  achievable, and tied to a clear security benefit.

If you are confused about what appropriate security looks like, what’s important versus what’s just noise, I highly recommend that you ask Sam to define a clear path for your organisation.

IT isn’t our forte so we needed someone in our corner explaining in layman’s terms our current set-up, what needs to be done and how best to do it. Sam broke it down into a series of manageable steps and was willing to work as a liaison between our service provider. He translated IT language into language we could understand. The structure of his recommendations report ensured we were never overwhelmed by the task at hand. We would not have progressed to the point where we are without Sam – end of story. We can now respond to the Central Bank’s Risk Evaluation Questionnaire with a lot more confidence.
Marie Ainsworth, CEO, Mount Street Group
Sam is the only IT person I know who doesn’t talk out of his a**. He speaks like people speak!
Identity Protected!, Operations Manager of Regulated Financial Services Firm

But enough about me. 

Are you being asked difficult questions about your cyber security?

That’s where Code in Motion can help.

  • No techie jargon.
  • No theoretical perfection.
  • No junior associates.

Just clear, specific advice on how to get to where you want to go.

Is Code in Motion the right solution for you?

Progress rather than Perfection

Code in Motion’s methodology focuses on Progress rather than Perfection. 

Businesses in the real world seldom benefit from perfect solutions – They take too long, cost too much, and are impossible to sustain.

The guidance is pragmatic and realistic, and driven by your capabilities and constraints.

Plain English rather than PowerPoint.

You don’t need to be wowed by fancy PowerPoint slides.

You just want Plain English, actionable advice to show you how to align to your prospects’ expectations.

Small ‘we’ rather than BIG ‘WE’.

If you want to work with a large team of consultants (or if you need the cover that a large consultancy firm will give you), we are not for you.

But if you need skill rather than scale, we should talk.

When you engage Code in Motion, I may involve trusted partners and former colleagues from my broad network of industry veterans, but I will be your lead consultant and your point of contact. 

You will be paying for our experience, not funding our education.