Expertise
Six areas of competence, with OT as core practice.
OT & ICS SecurityCore practice
IEC 62443 zones & conduits, OT–IT segmentation, industrial DMZ (Cisco ISA3000, Check Point 1570R), Active Directory OT, IACS hardening. FAT/SAT support, multi-site HLD/LLD standardisation.
Governance & Risk
ISMS rollouts (ISO 27001:2022), NIS2 readiness, EBIOS RM or ISO 27005 risk assessments. Recent example: 360 NIST 800-53 controls prioritised in 5 months for a Luxembourg-based bank.
Identity & Access
Active Directory / Entra ID, PAM, MFA, RBAC/ABAC modelling in ServiceNow, GPO audits. Nine-month engagement on ~150,000 accounts in a luxury group: 150 user stories delivered, 4 access workflows modelled.
Data protection
Microsoft Purview DLP strategy, classification, Sentinel and Defender for Cloud Apps. Example: 13 business/IT workshops, 21 risk scenarios assessed, a tooled roadmap delivered in 5 months (pharma).
Cloud & Modern Workplace
M365 security: Defender suite, Sentinel, posture management, baseline configurations. Usually integrated as one component of a DLP or IAM engagement rather than as a silo.
Awareness & coaching
GoPhish campaigns (520 + 350 users covered in 2024), escape-game workshops with mock phishing site and VMs (40 sessions, ~200 participants). Executive reports delivered at the end of each campaign.