Senior Security Leadership.
Without the cost of a full-time CISO.
No Jargon
No Juniors
No Long-Term Contracts
Is This You?
You’re under pressure, because you’re realising security is impacting the bottom line.
- Security is now a blocker to new business.
Prospects and clients are asking detailed questions about your security posture, and your answers don’t feel good enough. You’re being asked to complete questionnaires, meet contractual security requirements, or provide audit evidence, and it’s slowing down deals or putting them at risk. - You’ve got people, systems, and suppliers – but no clear structure.
There are tools in place. IT handles some things. But no one’s sure who owns what, or whether the right gaps are being closed. Instead of a joined-up security function, you’ve got just scattered effort and crossed fingers. - You’re not confident your team has the experience or time to get this right.
Everyone’s busy. No one has time to figure out frameworks, map out risks, or write policies that actually reflect how your business works. You need leadership, not more opinions. - You know security is about more than just technology.
Tools alone won’t protect you. You need to address how people work, how processes are followed, and how third parties are managed. Security is business risk, not just an IT problem.
If this sounds familiar, you’re exactly who I help.
I have worked for over 25 years helping organisations to implement, and sustain, a reasonable level of security that aligns to the expectations of their prospects, clients, regulators, and board members.
Why Work With Me?
To get this right, you have three choices:
- Hire a full-time CISO.
- Bring in a large consulting firm.
- Or partner with me – A senior, independent expert focused on the outcomes that you need.
Here’s why clients choose me:
- ✅ Experience & Expertise:
You get 25+ years of direct experience with audits, compliance, and security programs in the real world.
No juniors. No Chinese whispers. No handoffs. - ✅ Fast Impact:
Hiring takes months. Big firms take time to ramp up.
I start delivering results in Week 1 – Clarifying priorities, addressing immediate risks, and building momentum. Fast. - ✅ Independent & Objective:
I don’t resell software. I don’t represent your IT provider.
I give you independent, risk-based advice that reflects what’s best for you. - ✅ Less Cost, More Flexibility:
You get seasoned CISO-level input for a fraction of the cost of hiring.
All engagements start with a 3-month commitment and then move to rolling monthly terms. - ✅ Practical, Sustainable Results:
No files for a filing cabinet.
I deliver policies, plans, and improvements that work, and I support and guide your team so they can manage this into the future.
💼 Why Not a Big Consulting Firm?
| Big Firm Model | My Approach |
|---|---|
| Led by a senior partner, but delivery handled by juniors. | You work directly with me, a senior practitioner. |
| Heavy on process, light on experience. | Action-oriented improvements based on 25+ years of on-the-ground experience. |
| Generic frameworks and slide decks. | Tailored advice that fits your real environment. |
| Long contracts, rigid scope. | Month-to-month flexibility, without the rigidity of long-term contracts. |
| High hourly and daily rate costs that only emerge at month-end. | Transparent pricing, and no surprises. |
I have worked for and alongside bigger consulting firms. They’re perfect for certain situations.
But if you need focus, flexibility, and real progress, you don’t need a team of juniors. You need someone who knows what matters and knows how to get it done.
What You’ll Get
- Clarity on your risks, gaps, and priorities
- A realistic roadmap aligned to your business needs
- Hands-on execution and mentoring for your internal team
- Support with audits, ISO 27001, DORA, client due diligence
- Simple, usable documentation and policies
- Ongoing board-level reporting and strategic guidance
- A clean, confident handover when you’re ready to own it internally
Service Options
Minimum 3-month commitment. After that, it’s month-to-month.
PLUS You can change to a different service tier at the end of any month.
How It Works
🔍 Design & Planning
We begin with a focused assessment of where you stand – What’s working, what’s risky, and what’s missing.
🛠️ Execution & Oversight
I work with your team and IT providers to support or lead the work to deliver real progress quickly.
👥 Transition & Handover
My goal is do myself out of a job. I’ll help you decide whether and when you need to develop internal skills, recruit, or outsource, so you’re confident you can sustain this into the future.
How Long Does It Take?
Most organisations engage for about 3 to 12 months.
If you’re going through significant growth, major change, or you are under regulatory pressure, a longer engagement may make more sense.
It’s completely within your control: The minimum commitment is 3 months, and then moves to a rolling monthly commitment.
How Can You Maximise The Benefit?
This is not a ‘fire and forget’ outsourced service.
It’s a partnership.
To ensure my focus is always aligned to your organisation’s priorities, I recommend that I report to a member of the senior executive team.
“During my time as CEO at Ark Life Assurance, we engaged Sam to help us align our IT and cyber security controls to regulatory expectations.
During his time with us, he was also heavily involved in strategic initiatives to support the organisation’s acquisition and integration into Irish Life Group.
During this time, Sam consistently demonstrated deep and wide technical skills, but more importantly, exceptional interpersonal skills. He had an amazing ability to communicate in technical language with external IT providers and intra-group teams, while also always speaking in plain English to the management team.
Sam was also excellent at bridging the gap between first line and second line Risk & Compliance teams, ensuring everyone’s concerns were understood while also ensuring we focused on what was reasonable rather than perfect. This is a rare skill.
Beyond his professional expertise, Sam was always pragmatic, and on more than one occasion helped us regain momentum by ensuring we focused on the ‘next best action’. This not only made him a valuable asset to our team but also a pleasure to work alongside. It was great to know he was always focused on what was best for us, and was willing to push back if he thought we were on the wrong path.
I wholeheartedly recommend Sam. He is not only skilled and dedicated but also a person who brings out the best in those around them.”
Ann Kelleher, Chair, Allianz plc (ex-CEO, Ark Life Assurance dac)
Where to Start
Whether this type of security partnership is a good fit for you or you have something else in mind, let’s talk.
You can schedule a free consultation with me using the button below, or just get in touch via email.
My promise
I know getting in touch with an external consultancy can feel risky.
The last thing you need is to get hounded by some pushy sales guy just because you scheduled one conversation.
That’s why I promise this will not be a sales call.
It’s a no-commitment conversation focused on your current challenges and how I would suggest you address them.
At the end of the call, if you want to understand whether I can help you further, that’s great.
But if you decide you don’t, that’s fine too – I learn* something new from every conversation.
(*Even if it’s just learning that I should really be more like a pushy sales guy.)
Alternatively, just click here to get in touch.