I enable my clients to benefit from taking a scientific, analytical approach to managing security risks and providing security protection.
For many years, managing security risk has revolved around the use of Best Practices. Best Practices work, but only up to a point. They are generic and always need to be customised. They are slow to respond to changes in the threat environment and technology practices, and their benefits are hard to quantify.
A scientific, analytical approach, on the other hand, creates a strong foundation for understanding and managing security risk.
We couldn’t run a modern health service without the aid of medical science.
Or build a modern bridge without the aid of structural engineering tools.
And we don’t have to continue trying to protect technology-based businesses using non-scientific security practices.
Scientific methods enable us to build the practices and tools a modern security function requires.
I have grouped some examples of the things I do into the three sections below. However, these are only examples, so if there is anything you need help with and you are unclear from these descriptions if I might be able to provide that help, please get in touch and let's discuss.