top of page


Fellsway Group helps organizations manage cyber as a business risk.


Leveraging proven frameworks such as ISO and NIST, our Pathway to Risk Intelligence (P2RI)™ maturity methodology is designed to align your strategic objectives with the required level of resilience. The P2RI™ platform tracks and measures key characteristics (including ownership, accountability, metrics, documentation, process repeatability, budget, and team) against 10 core program attributes:​


Whether corporate growth and transformation objectives, efficiency demands to “do more with less,” or shifting compliance obligations, Fellsway Group manages the complexity of security risk and compliance so you can focus on achieving your goals.


Founded in August of 2017, Fellsway Group is comprised of seasoned and experienced business professionals. The firm’s two principals are John Mumford and Steve Leventhal.


John Mumford, Managing Partner

As Managing Partner and Chief Risk Officer, John is the driving force behind Fellsway Group’s program approach and methodology.  John’s journey to founding Fellsway Group was steeped in a desire to provide value to the companies who we believe need it most.  While larger organization have enough brand equity and resources to sustain the impact of a breach, small and mid-size organizations need to take a proactive approach to their resiliency and risk management efforts.


John has 20+ years of experience in the IT Industry with systems and security design focus.  He has managed end to end business and IT transformation, design, build and management for multiple companies, including his time as Director of Global Information Security for a Fortune 100 financial services firm. 


John has conducted multiple delivery engagements for large scale systems delivery and business integration, implemented and managed multiple security solutions, and managed teams of Application Developers, Infrastructure Engineers, and GRC Practitioners.   He has managed development and infrastructure design, established and managed a global GRC Program and integrated Operational Risk with Business Continuity, IT/Cyber Security and International Compliance.

John holds numerous certifications including: Lean6Sigma Yellow Belt, ITIL – Service Management Practitioner, GRC Professional – OCEG, CIPT – Principles of Privacy in Technology, SANS – Security Leadership Essentials for Mgrs, Agile – Scrum, Kanban, and AWS Security Essentials. 



Steve Leventhal, Partner

As Vice President of Strategy and Operations, Steve is responsible for leading Fellsway Group’s sales, business development, and partner solutioning efforts.   Steve is dedicated to ensuring that each Fellsway Group client has access to services and solutions that are right sized and aligned to their specific requirements.


A cyber security and technical services industry veteran, Steve was a top Sales Executive for Optiv Security (a leading Cyber Security solutions integrator) prior to joining Fellsway Group.  Prior to Optiv, Steve successfully ran SkillBridge, an IT and Cyber Security training design, development, and delivery firm. During this time, Steve was responsible for company-wide strategic planning, customer outreach and sales, channel partner development, marketing and messaging, services development, and resource management.   His proven track record includes successful engagement with numerous high visibility clients including, JPMorgan Chase, Fidelity Investments, Emerson Electric, and NASA.


Throughout his career, Steve has had the opportunity to work with clients of varying size and industries. He believes that a risk-based approach to managing cyber best enables organizations to align their protection efforts to business goals and objectives.


Steve is Certified in Risk and Information Systems Control (CRISC) through ISACA, and a board member at large for the Rhode Island Infragard chapter.

bottom of page