I am a security consultant with over 30 years experience helping companies across all sectors address their cyber security needs.
I am one of a very small number of security experts able to bring scientific methods and objectivity to how to manage security needs. A scientist by training, I understand how to analyse the underlying dynamics that lead to the creation of security risk, and therefore how to address security needs scientifically.
This can lead to simple improvements that can bring quick wins. I show clients how to quantify the threats they are under, the effectiveness of their controls, and the security risks they face. I design the methods, tools and processes needed to calculate meaningful values for each of the components that go into creating risk – absolute values as opposed to subjective ratings like H/M/L or scores out of 10. I create and help implement threat models, assessment tools, actionable risk metrics, RoIs for security proposals, and reporting and risk dashboards for top management. And, at the same time, if it is scientific heavy lifting you need, I have the advanced mathematical training needed to provide that too.
Through the skills and expertise I bring, my clients are able to make objective, informed risk management decisions and build security risk management practices grounded in analysis and data.