Focus

What we work on

Security strategy and operating models
Clear ownership, decision rights, and controls that match reality.

Governance, controls, and assurance
Evidence-driven assurance that survives audit and executive scrutiny.

Reference architectures and build plans
Actionable architectures and implementation plans — not vendor theatre.

Incident readiness and decision support
Preparation, tabletop design, and executive decision support when time is scarce.

What we do not do

• SOC / MDR / managed services
• Tool resale or “partner” pushing
• Generic hygiene programmes
• Checkbox compliance

How we work

Confidential by default. Selective by design.
Where possible, we publish sanitized artefacts (papers, reference models) to make the work inspectable.