My Services

Advisory Services

I provide tailored consulting / advisory services to organisations that need someone who speaks plain English, filters out the noise, and gets to the point as quickly as possible.

    • I work with you to identify the right steps, and the right order in which to take them.
    • I use easy-to-understand yet globally-recognised frameworks as our guide, so you will be able to speak confidently about how your defences align to a recognised standard.
    • If you are a regulated firm, I show you how to prove to your Board and your regulators that you are aligning to regulatory expectations.
    • If you sell to regulated firms, I show you how to prove to these firms that you are not a risk to their security. Right now, you may think you are a solution, but they think you are a risk.

To learn more, go to



I run online workshops to show regulated financial services firms how to align to the expectations and guidance of regulators like the Central Bank of Ireland and the Data protection Commission.

I also run online workshops to show businesses, fintechs and SaaS providers trying to sell to regulated firms how to align their cybersecurity defences to the expectations of these enterprises.

For more information, or to organise a private workshop for your organisation, go to


Once-Off “Ask Me Anything” Session

Sometimes, you don’t need a long-term advisor. You just need a conversation to help you get some clarity.

My ‘Ask Me Anything’ session is a 60-minute online meeting where we can both work through whatever questions you have. No agenda. No follow-up. Just your questions and our confidential discussion.

For more information, go to


Board Training & Awareness

A board training session that will identify your “next best action”

Why: The board of every regulated entity needs to know how the organisation should be managing cybersecurity risk, and what is expected of board members. They need to know about the emerging risks and current regulatory expectations.

Why Me: A cybersecurity expert can talk to board members about the latest attack trends. A compliance expert can talk about the latest regulatory guidance. I cover both, in plain English. I focus on the most likely risks (not necessarily those that hit the headlines) and what the regulators expect of board members (which may differ from their expectations of executives and senior managers).

What: My training session includes key talking points about current threats and regulatory expectations, but it is designed to encourage board members to ask me anything and to steer the session to the areas of most concern to the organisation.

How: 30-minute preparation session + 60-minute training session. Both delivered remotely over Zoom (or Microsoft Teams).

When: The 30-minute preparatory session will involve a small group of your executives and senior managers, to ensure my training session reflects the specific dynamics of the organisation. The board training session can then be delivered between 3-5 days after this preparatory session.

Optional add-ons: Subject to my availability, I can provide the training in-person. I can also provide Certificates of Completion to all attendees.

To discuss your next board training session, get in touch.


Staff Cybersecurity Awareness Training

Cybersecurity is not just about technical security. Your staff are a key layer of defence. The majority of attacks succeed because a human has been fooled.

Cybersecurity training that does not bore the life out of your staff and will strengthen one of your key defences.

I provide online training sessions (via Zoom or MS Teams) that explain to staff in plain English why and how they are targeted, and how they can spot the warning signs.

I also provide quarterly refresher training (small consumable ‘bites’ of advice) so your staff maintain their vigilance.

To learn more, go to


Staff Testing

You should test the strength of your human defences before the bad guys test them for you.

Gain insight into who is more likely to click a malicious link, so you can focus your investment in the right areas.

I provide a quarterly phishing test service, which sends a simulation of a malicious email to your staff and identifies who is fooled by the simulation.

If you are unsure about whether you should invest in awareness training, or whether your previous training has paid off, a phishing test will give you an objective answer.

To learn more, go to


Suspicious? Get A Second Opinion!

If your staff receive an email that they think may be suspicious, I will provide them with a second opinion.

For less than 50c per person per working day, you will significantly reduce the risk of your staff being fooled by a malicious email.

To learn more, go to