top of page

Independent security advice, grounded in real world CISO experience.

Helping organisations make better security decisions by bridging leadership teams and the specialists they rely on with clarity, challenge and confidence.

​

With nearly three decades in the security industry, I work as an independent advisor, operating at CISO level where needed. My role is to help organisations understand risk, define what “good” looks like, and make sure security work delivers real, defensible outcomes not just reports or reassurance.

Where I help

Alongside advisory work, I bring security professionals together through in-depth conversations and small, closed-door sessions.

​

These are spaces designed for experienced CISOs, practitioners and leaders to talk honestly about modern enterprise security without vendor agendas, marketing theatre or theory getting in the way.

​

Through these discussions, practical insight emerges around risk, resilience, governance and regulatory readiness. My role is to create the conditions for better thinking, stronger connections and shared learning across the community.

​

Real conversations, without the noise

I support organisations and security leaders at key points in their security journey particularly where decisions are complex, stakes are high, and confidence matters.

 

My work typically involves:

​

  • Clarifying security risk, priorities and desired outcomes

  • Helping define what “good” objectively looks like for your context

  • Selecting, briefing and constructively challenging specialist providers

  • Pressure-testing scope, assumptions and delivery plans

  • Staying engaged during delivery so insight turns into action

  • ​

This works whether you have a full-time CISO, operate with shared responsibility, or need CISO-level thinking without the permanent overhead.

About

I’ve worked across the UK security industry since the 1990s  from early penetration testing and building security teams, through to standards, governance and CISO-level advisory.

​

That mix of practitioner and leadership experience allows me to challenge constructively, translate honestly, and stay focused on what actually improves resilience over time.

​

Outside of security, I’m a singer-guitarist (think Pixies), still chasing that elusive record deal.

​

​If you’re responsible for security and want a clear, honest conversation, let’s talk.

bottom of page