Virtual CISO · Interim CISO · Board Cyber Governance · Regulatory Navigation
CISO Advisory

Board-Grade Cyber Leadership.
Strategic. Mandate-Ready. Accountable.

Virtual CISO, Interim CISO, and enterprise cyber strategy for regulated enterprises, CNI operators, and growth-stage organisations navigating complex threat and regulatory environments. Parliamentary testimony. 27+ years of delivery.

Virtual CISO · Interim CISO · Cyber Strategy · Board Governance · FCA / PRA · DORA · NIS2 · CNI · Defence · Parliamentary Testimony

What I Deliver

Advisory Services

Six core service lines — each calibrated for board accountability, regulatory complexity, and enterprise delivery tempo.

CISO Advisory

Virtual & Fractional CISO

Board-grade cyber leadership without the full-time overhead. Strategic oversight, risk governance, and programme direction delivered at executive tempo.

  • Security strategy aligned to corporate objectives
  • Board and audit committee reporting
  • Risk appetite definition and tolerance calibration
  • Regulatory engagement — FCA, PRA, ICO, NCSC
Interim CISO

Mandate-Grade Interim Delivery

Rapid deployment into critical security leadership vacancies. Operational from Day 1; designed for regulated enterprises, M&A transitions, and post-incident recovery.

  • Immediate security posture assessment
  • Team stabilisation and capability uplift
  • Programme continuity across leadership transitions
  • Board confidence from the first briefing
Cyber Strategy

Enterprise Security Strategy

Multi-year roadmaps built on NIST CSF 2.0, ISO 27001:2022, and sector-specific regulatory requirements. Designed to survive changes in threat, technology, and leadership.

  • Current-state maturity baselining
  • Target operating model design
  • Investment prioritisation and business case support
  • Milestone governance and executive dashboards
Board Education

Cyber Governance & Board Education

Non-executive and board-level education programmes that translate technical cyber risk into strategic decisions. Drawn from Parliamentary testimony and C-suite advisory experience.

  • Board cyber risk literacy workshops
  • Cyber risk register design for audit committees
  • Crisis simulation and tabletop exercises
  • Parliamentary and regulatory briefing support
Threat Intelligence

Strategic Threat Intelligence

Nation-state, ransomware, and supply-chain threat analysis contextualised for sector and organisational risk profile. Intelligence that informs board decisions — not just SOC tickets.

  • Sector-specific threat landscape briefings
  • Nation-state actor profiling for CNI operators
  • Supply-chain risk analysis and supplier assurance
  • Intelligence-led security investment planning
Regulatory Navigation

Regulatory & Compliance Strategy

Deep experience with the regulatory landscape across the UK, EU, and US. From FCA/PRA operational resilience to DORA, NIS2, and the EU AI Act.

  • Regulatory gap analysis and remediation roadmaps
  • FCA, PRA, ICO, and NCSC engagement strategy
  • DORA, NIS2, EU AI Act readiness programmes
  • Horizon-scanning for emerging regulatory requirements
Public Authority Record

Beyond the Enterprise

Cyber leadership that extends to national government, parliamentary process, and international standards bodies.

Parliamentary Testimony

Written and oral testimony to the UK Parliament Joint Committee on the Cyber Security and Resilience Bill — advising on national legislative cyber policy.

Vice Chair — National Disasters Emergency Centre

Vice Chair of the National Disasters Emergency Centre, Singapore. Regional resilience leadership at national government level.

Cyber Resilience Centre for London

Active engagement with the Cyber Resilience Centre for London — supporting the national police-led cyber resilience initiative.

ISO Technical Committee

Appointed to ISO Technical Committee participation — contributing directly to international information security standards development.

Leadership Doctrine

How I Think About Security

Principles that inform every advisory engagement — from board briefings to technical programme design.

"Cybersecurity is a team sport — no single vendor, framework, or practitioner secures an organisation alone."

"The CISO's primary role is translation: converting technical risk into the language of business consequence, strategic opportunity, and fiduciary obligation."

"Compliance is the floor, not the ceiling. Mature organisations build security cultures that exceed regulatory minimums because they understand the business case."

Career Breadth

From Big 4 consulting to national-scale CNI programmes, from parliamentary committee rooms to operational security engineering. 27+ years across financial services, defence, aerospace, healthcare, energy, law enforcement, and the public sector.

Academic Appointments

University College London (UCL) · Imperial College London · Amsterdam Airport Schiphol. Research-informed practice bridging academic rigour and enterprise delivery.

Media & Thought Leadership

Published Authority

Editorial bylines and expert commentary placing strategic cybersecurity thinking in the publications that shape the profession.

Forbes · CSO Online · Infosecurity Magazine · SecureWorld · DataBreachToday · Cyber Protection Magazine

Ready to Strengthen Your Security Leadership?

Whether you need a Virtual CISO for ongoing governance, an Interim CISO for a critical transition, or a strategic review of your cyber programme — let's talk.

Live Standards & Regulatory Horizon

CISO Advisory — current signal stack

Curated each day from authoritative sources (ISO, NIST, ENISA, ESAs, ICO, NCSC). The signal pool refreshes nightly; the daily slate is selected deterministically so two readers on the same date see the same brief.

Updated 2026-05-25

Signal pool refreshed by kie_master_daily.py Phase 26. Methodology: curated synthesis from ISO / NIST / ENISA / ESAs / ICO / NCSC primary sources.
