My path to Information Security began in a courtroom.

As a Detective, I watched an E-Crime expert dismantle a defence using the concept of non-repudiation; the mathematical certainty that an action cannot be denied.

That moment changed my trajectory. I needed to understand the mechanics behind that certainty. What started as curiosity became an obsession, driving me to pivot from law enforcement to Information Security.

I realised that high-functioning security requires the same discipline as a criminal investigation: strict adherence to logic, the sequencing of evidence and the refusal to accept "surface level" truths.

I approach technology risk with an investigator’s eye. I don’t view security as a compliance checklist, but as an ever-changing landscape.

In practice, I focus on identifying misplaced confidence. I look for the metrics that reassure but obscure, and the governance structures that assume clarity that doesn't exist. My work targets the gaps between "paper security" and operational reality.

I am focused on how emerging technologies such as automation, AI, and post-quantum shifts alter risk ownership. These are not just technical upgrades; they fundamentally challenge how we define accountability.

This site is not a catalogue of services. It is a written body of work exploring how risk is understood and acted upon, aiming to support clearer thinking before issues become visible through failure.