I help organisations make smarter security investment decisions by quantifying cyber risk in dollar terms — using actuarial models grounded in the Open FAIR standard.
Start a conversation About me →What I do
Combining strategic advisory with technical rigour — so risk conversations happen in the language of business, not just technology.
Monte Carlo actuarial models using Open FAIR translate your threat landscape into annualised loss exposure — numbers your board can act on.
Roadmap development, control prioritisation, and programme design — all anchored to risk-adjusted ROI rather than compliance checklists.
Translating technical risk into clear financial narratives for board packs, audit committees, and executive leadership teams.
How it works
My approach
"Security risk is a financial problem. It deserves financial tools."
Too many security programmes are driven by frameworks that tell you what to do, but not how much to spend or which risk matters most. I bring actuarial rigour — the same discipline insurers use to price uncertainty — into the security decision room.
Open FAIR (Factor Analysis of Information Risk) is the international standard for cyber risk quantification. Unlike maturity models or heat maps, it produces defensible probability distributions over financial loss — enabling investment decisions based on expected value.
My models are built to be transparent, auditable, and repeatable. You own the model after every engagement, so your team can run scenarios independently going forward.
No obligation. Just a conversation about what uncertainty costs you.