Cyber & Digital Trust
Investigations, assurance and advisory that boards can act on.
When something has gone wrong — or an auditor, regulator or customer is asking hard questions — you need someone senior who has done this before, can find the truth quickly, and can put the answer in language a board can act on. That is the work of this practice.
What we do
What this covers.
-
01
Security investigations and incident support
When something looks wrong, we establish what happened, how far it goes and what to do about it — quickly and discreetly.
-
02
Cyber assurance and audit readiness
ISO 27001 and NIST-aligned reviews that tell you where you actually stand — and what an auditor will say before they say it.
-
03
AI governance and digital trust advisory
Practical controls for AI adoption, mapped to NIST AI RMF, the EU AI Act and ISO 42001. Proportionate, not theatre.
-
04
Fractional CISO
Senior security leadership at a fraction of a full-time cost. Owns the risk register, the roadmap and the board conversation.
-
05
Supply-chain and third-party assurance
An honest read on the vendors and partners your business depends on, before they become your incident.
-
06
Board and investor reporting
Cyber posture in commercial terms — what is at risk, what it costs, what to fix first.
How it typically starts
Usually with a conversation under NDA. A short scoping call, then a fixed-price first phase — an investigation, a gap assessment or a readiness review — and a written read of where you stand within weeks, not months.
Credentials
Led by Douglas Trainer — builder of the UAE Government's cryptographic certification authority for critical national infrastructure; 14 years Intelligence Corps; previously DV-cleared.
Start a conversation
Tell us where the business is losing time, money or momentum.
We reply within one working day with an honest view — and if we can't help, who's better placed.