Hello — I'm Marika.
I'm an independent cyber risk advisor helping boards and executive leadership teams make better decisions about cyber risk — by expressing it in the language they work in every day: financial impact, probability, and return on investment.
After more than twenty years working inside and alongside some of the world's largest financial institutions — including UBS, DXC Technologies, Accenture, Vodafone, and IBM Security — I became convinced that most organisations were managing cyber risk with tools that felt rigorous but couldn't actually answer the questions that matter most: how much is this risk likely to cost us, and which investments reduce it most efficiently?
FAIR quantification, combined with an actuarial approach to probability and loss modelling, changed how I answer those questions. I now build these models for clients across financial services, insurance, and critical infrastructure — helping boards understand cyber risk as a financial matter, not a technical one.
Credentials & affiliations
Formal qualifications spanning security, risk, programme management, and actuarial science.
CISSP
Certified Information Systems Security Professional · ISC²
CRISC
Certified in Risk & Information Systems Control · ISACA
PMP
Project Management Professional · PMI
FAIR Practitioner
Factor Analysis of Information Risk · FAIR Institute
IFoA Student Member
Institute and Faculty of Actuaries · UK
IoD Member
Institute of Directors · UK
Career highlights
2025 –
Corporate Information Security Risk Executive
Liebherr International · Zurich
2023 – 2025
Director, Security Integration — Office of the Group CISO
UBS · Boston & Paris — UBS/Credit Suisse $3.2B acquisition integration
2020 – 2023
Director of Cyber Risk Advisory
DXC Technologies · London
2017 – 2020
Founder & Principal Consultant
Titanium Cybersecurity Ltd. · London
2011 – 2017
Senior roles at Accenture, Vodafone Group, IBM Security
London & New York
What I believe
Measurement over maturity
Maturity frameworks tell you how you compare. Financial models tell you what risk costs. Boards need the second, not the first.
Transparent models
A model you can't inspect is one you can't trust. Every engagement produces an open, auditable model your team can run independently.
Business first
Security exists to protect business value. Every recommendation flows from a business case — not a compliance checklist.