website templates

What I do

I enable my clients to benefit from taking a scientific, analytical approach to managing security risks and providing security protection.

For many years, managing security risk has revolved around the use of Best Practices. Best Practices work, but only up to a point. They are generic and always need to be customised. They are slow to respond to changes in the threat environment and technology practices, and their benefits are hard to quantify.

A scientific, analytical approach, on the other hand, creates a strong foundation for understanding and managing security risk.

We couldn’t run a modern health service without the aid of medical science.


Or build a modern bridge without the aid of structural engineering tools.

And we don’t have to continue trying to protect technology-based businesses using non-scientific security practices.

Scientific methods enable us to build the practices and tools a modern security function requires.

  • It enables us to measure threats, not just in terms of how prevalent or active they are but in terms of their ability to defeat security countermeasures and create security risk.
  • It enables us to calculate the effectiveness of security controls, putting meaningful absolute numbers to how good a control is at reducing risk rather than just measuring the extent to which it has been implemented.
  • It enables us to calculate RoIs for security controls, to quantify how much risk reduction a desired control improvement will bring.
  • And it enables companies to manage security risks using the same type of cost-benefit analyses they might use to manage other types of business risk – something business leaders have been wanting to do for a long time.

I have grouped some examples of the things I do into the three sections below. However, these are only examples, so if there is anything you need help with and you are unclear from these descriptions if I might be able to provide that help, please get in touch and let's discuss.

  • MODELLING - elementary modelling through to sophisticated statistical analysis.  More ...
  • RISK METRICS - measuring the risk dynamics taking place across your environment to gain meaningful insights and actionable results.  More ...

© Copyright 2020 JLIS Ltd