Named governance doctrine. Commercially decisive.
The institutional operating model boards retain when contracts, regulators, and market confidence converge on the same fault line. Decision architecture for environments where information is incomplete and consequences are irreversible.
Organisations do not lose systems first. They lose control first.
Most never recover it. This is the doctrine that prevents that outcome.
Not advisory. Not consultancy. Governance infrastructure that holds under pressure.
Technical Execution Stack
Sentinel · Splunk · Azure Defender · KQL · Wireshark · Burp Suite · Nessus · MITRE ATT&CK · Defender for Endpoint · Logic Apps SOAR
I accept 2–3 mandates per calendar year. Engagement requires executive authority or board resolution.
Outcomes counterparties sign against
Representative outcomes (client identifiers withheld). Written in procurement language under regulatory scrutiny.
Tier-1 FS: DORA Transformation
Win condition: audit-ready operational resilience evidence chain.
Result 147 findings → 12 in 84 days · owner model · testing cadence · board KPIs
Regulated Enterprise: Outsourcing Controls
Win condition: contract clauses aligned to operational resilience, TPRM, and audit rights.
Result Negotiation cycle 22wk → 9wk · renegotiated control schedule · exit plan
AI Programme: Governance Reset
Win condition: ISO 42001-aligned governance, model inventory, assurance pathways.
Result 0 → 214 models governed · control matrix · accountability map · audit artefacts
Global Bank: Incident Response Overhaul
Win condition: regulatory-grade incident classification, escalation, and evidence chain under NIS2.
Result MTTR 14d → 2.1d · 24/7 playbooks · board escalation SLA · regulator pack
Insurer: Cloud Security Architecture
Win condition: zero-trust posture validated against NIST 800-207 and FCA expectations.
Result 3 critical gaps → 0 · microsegmentation · PAM rollout · attestation dashboard
PE Portfolio: Cyber Due Diligence
Win condition: pre-acquisition security posture assessment with quantified remediation roadmap.
Result 5 targets assessed · €2.3M risk quantified · 2 deal-breakers identified · remediation priced
Institutional Governance Architecture
Navigate the complete governance doctrine — from proprietary frameworks and research to regulatory intelligence and strategic threat analysis.
AI + Cyber Security
As AI reshapes the attack surface — LLM exploitation, adversarial prompts, deepfake phishing — your security architecture must operate at the intersection of governance and engineering. 27 years of cyber delivery meets the 2026 AI threat landscape.
Prompt Injection & LLM Defence
Adversarial prompt testing, jailbreak detection, and output sanitisation frameworks. OWASP LLM Top 10 assessment methodology. AI model sandboxing, guardrail architecture, and data leakage prevention for enterprise LLM deployments.
- → Prompt injection penetration testing
- → System prompt extraction prevention
- → RAG poisoning defences
- → Output filtering architectures
AI-Driven Threat Detection
ML anomaly detection integrated with Microsoft Sentinel. Behavioural baselines using Azure ML. Automated triage reduction: 60% fewer false positives through ML-assisted rule tuning. UEBA (User & Entity Behaviour Analytics) deployment for insider threat detection.
- → Sentinel ML-powered detection
- → Behavioural anomaly baselines
- → UEBA insider threat modelling
- → AI-assisted SOC automation
AI Governance & Model Risk
EU AI Act Article 9 risk management. Model inventory, bias testing, and transparency documentation for high-risk AI systems. AI incident classification under DORA and NIS2. ISO 42001 AI management system implementation and certification readiness.
- → High-risk AI system registration
- → Model risk register & testing
- → AI incident reporting (DORA/NIS2)
- → ISO 42001 gap analysis
AI Threat Coverage
Deepfake phishing · Model inversion · Training data poisoning · Supply chain AI attacks · Shadow AI governance