About
I'm an independent consultant helping security and business leaders make better decisions about cyber risk. My work sits at the intersection of information security strategy and actuarial science: I translate the vague language of threats and vulnerabilities into the precise language of probable financial loss.
After spending [X] years inside [industry/organisations — add your background here], I realised that most security programmes were being run on intuition, compliance pressure, and heat maps — tools that feel rigorous but rarely tell decision-makers what they most need to know: how much is this risk likely to cost us, and what's the smartest pound we can spend to reduce it?
Open FAIR changed how I answer that question. It's the same probabilistic thinking that actuaries and insurers have used for decades — applied to information risk. I now build these models for clients across [sectors], helping them present cyber risk to boards, prioritise security investments, and justify budgets with evidence rather than gut feel.
My practice is built on a combination of formal qualifications and practical experience in both strategy consulting and technical security.
Start with a free 45-minute scoping call — no obligation.