Consulting

Having worked with major public and private organisations across the globe, I deliver security solutions that are both rigorous and business-aligned. These include:

Secure design

• Architecture and code reviews;
• NIST SSDF implementation and review;
• Developer security training and workshops;
• SBOM (Software Bill of Materials) analysis;
• Supply chain risk analysis and mitigation;
• Post-quantum cryptography migration support;
• Custom security tool development.

Incident response

• Incident response planning (NIST SP 800-61);
• Incident resolution and forensic analysis;
• Post-incident reviews and root cause analysis;
• Threat modelling and mapping (STRIDE/ATT&CK®/UKC).

Compliance and governance

• NIST CSF gap assessments;
• NCSC CAF maturity assessments;
• ISO 27001 and GDPR compliance support;
• UK CSRB and EU NIS2 compliance support;
• EU Cyber Resilience Act compliance support;
• Secure by Design planning;
• Security policy development and documentation.

To learn more about these services, get in touch.