I help financial services firms to manage cyber risks and to comply with cyber regs.

If you are worried about a cyber attack, but too busy to do anything about it, I can help.

I ensure you do not spend too much of your time, money or sanity implementing a reasonable level of cybersecurity.

I work with you so you gain clarity about where you are are, where you need to be, and how to get there as quickly and efficiently as possible.

Every building needs a Strong Foundation.

Every business needs a Secure Foundation.

Protecting your reputation shouldn’t drive you insane

But instead you’re left with confusion:

End

What’s reasonable and sufficient?

Start

Where do you even start?

Questions

What do you ask your IT providers?

Answers

Will their answers make any sense?

Costs

Is this all going to cost a fortune?

You deserve reasonable security

That’s where I come in.

No jargon. No upsell. No junior associates.

Just clear, specific advice on how to establish a secure foundation.

Once you have a secure foundation, you can decide if you need more.

Who I Am

I have been providing independent cybersecurity, data protection and IT advice for over 10 years.

Prior to this, I worked in regulated financial services companies for 15 years.

I am a Certified Information Security Manager (ISACA CISM) and a Certified Data Protection Officer (Compliance Institute CDPO, IAPP CIPPE, and IAPP CIPM).

Who I Help

The Organisation

My typical client is a services firm with 5 – 80 employees. They usually outsource a number of their day-to-day activities to other organisations.

They usually have limited IT and cyber security knowledge in-house. They may be trying to manage it on a best-efforts basis, or they are relying on 3rd party IT service providers (MSPs) to manage all of this on their behalf.

Many of my clients are in the financial services world, where regulatory compliance is also a significant concern.

The Person

I usually work closely with the person in the organisation who is accountable for IT and cyber security, even though these are not their areas of responsibility.

They are worried about cyber attacks and regulatory compliance.

However, they are already snowed under with their ‘real job’, so have limited availability to focus on cyber security.

That’s where I come in – I do the heavy lifting so the organisation is always moving in the right direction at a sustainable pace.

How I Help

I provide a number of advisory, training, and consulting services.

Many of my clients start with my “SANITYin60” workshop.

This service focuses on identifying where you are today, and the steps you should focus on right now to get closer to where you need to be.

Learn More

Don’t take my word for it. Here’s what my clients say.

Sam is really easy to work with. He is highly organised with good clear communication. He always uses plain English, and avoids IT-speak!! The structure he brought to the process made it much easier for us to go through this – It brought real clarity to our current situation and the steps required to get to where we want to be. Sam’s pragmatism is also very refreshing – Too many IT / Cyber Consultants that I have encountered in the past just pushed the party line and did not consider the audience or organisational situation that they were dealing with. It is great that Sam was always on our wavelength in terms of identifying what is practical/possible, given the size and capability of our organisation and the needs of our clients.

Rebecca McGee, Head of IT

Xcentuate partners with customers in the Financial Services, Agri, Pharma and Public sectors in EMEA and Asia-Pacific to transform their business operations. We know it is critical to get cyber security right so we can protect our customers and our business. We asked Sam to guide us.

From Day 1, I knew we had made the right decision. Step-by-step and always through plain English, Sam showed us how we could get from where we were to where we needed to be. His recommendations were always pragmatic and well-grounded. Every action was understandable, achievable, and tied to a clear security benefit.

If you are confused about what appropriate security looks like, what’s important versus what’s just noise, I highly recommend that you ask Sam to define a clear path for your organisation.

Dan Carroll, Chief Technology Officer, Xcentuate

IT isn’t our forte so we needed someone in our corner explaining in layman’s terms our current set-up, what needs to be done and how best to do it. Sam broke it down into a series of manageable steps and was willing to work as a liaison between our service provider. He translated IT language into language we could understand. The structure of his recommendations report ensured we were never overwhelmed by the task at hand. We would not have progressed to the point where we are without Sam – end of story. We can now respond to the Central Bank’s Risk Evaluation Questionnaire with a lot more confidence.

Marie Ainsworth, CEO, Mount Street Group

Sam is the only IT person I know who doesn’t talk out of his a**. He speaks like people speak!

Identity Protected!, Operations Manager of Regulated Financial Services Firm

Sign up for the Cyber Without Insanity Newsletter

A weekly newsletter (plus 2 mid-week tips) to help you protect your reputation from cyber criminals and your sanity from techie jargon.

Not sure? You can read previous issues here

Here’s what my subscribers think:

“I’m loving these! True to your word they are easy to read”

“I love them, they have become a must-read.”

“Love the emails… they are really useful bite-sized tips.”

“I’m really enjoying your emails. They are well written and engaging and I’m learning a lot about cyber security.”

“Great emails, and always really well written.”

“You’re a champion when it comes to the no-jargon plain English approach. Always clear and to the point.”
“You have a wonderful tone of voice. It’s a great read for the content, and also for your turn of phrase.”