Manchester Area, United Kingdom
I work with boards and executive teams to improve the performance of their IT and cybersecurity functions—not by adding more controls or investment, but by addressing the conditions that determine how those functions actually operate. In many organisations, IT and security are treated as cost centres, focused on managing risk and maintaining stability. The result is often significant spend, limited visibility, and outcomes that fall short of expectations. What is less visible is that these same environments are also producing inefficiency, slowing change, and constraining broader business performance. My work focuses on changing that. Through board-level advisory, I help organisations understand how their current operating model is producing the results they are seeing—across cost, risk, and performance—and define a path to improve it. This typically unlocks significant savings within IT and security, while also creating the conditions for faster change, better systems, and reduced risk over time. Beyond this, IT and security functions provide a rich source of signals about how the organisation is operating. When interpreted correctly, they highlight inefficiencies, friction, and missed opportunities across the business. Addressing these not only reduces the need for ongoing mitigation, but improves overall performance—lowering cost, increasing efficiency, and enabling growth. In practice, this work often continues beyond initial advisory through a governance role, guiding transformation programmes and working alongside internal teams and delivery partners to ensure that intended outcomes are actually realised. This layer is frequently missing, and without it, much of the strategic value within IT and security investment remains unrealised. This work is delivered through Sequoia Consulting. Alongside advisory, I regularly speak at conferences, for organisations, and within vendor and industry ecosystems on how to rethink IT and cybersecurity as drivers of business performance rather than cost and constraint. More on speaking: gregvandergast.com Advisory and engagement: sequoia-consulting.co.uk
Niche management consultancy around the often ignored strategy, policy, organisational, and maturity issues that behind most cybersecurity problems. We help executives reduce security costs and get clear understandable results to the bottom line. We also help CISOs elevate themselves to the business. In short, we solve the business problems causing your security problems.
gregvandergaast.com Profile: "Engaging, thought provoking, and humorous are words not typically associated with Information Security speakers, but Greg has taken the speaking circuit by storm, more often than not the highest-rated speaker at events, thanks to his unique personal brand, fascinating anecdotes, and a very different take on the industry. An advisor, CISO, author, mentor, and speaker, Greg was once cited as one of the world’s five most notorious hackers and worked undercover for the US FBI and DoD for three years after setting off an international incident by breaking into a nuclear weapons facility. He’s since become one of the foremost thought leaders on how organisations can protect themselves with unconventional approaches going far beyond just technology to include elements of strategy, leadership, and human potential, and even turning security from a cost to a competitive business advantage. Able to entertain, captivate, and enlighten a wide range of audiences from technical to C-level, Greg has featured in Wired Magazine, CNN, and numerous Tech and Business conferences. He is sure to be a hit at your next event." Reviews: “Engaging, inspirational, insightful.” “Really positive, useful, completely different twist. Much needed at InfoSec events.” “The best reviews we’ve seen.” "World class." “Incredibly good.” "Epic talk." “Ranked the highest of all of our presenters.” "It goes without saying that you were the star of yesterday’s conference.” “The best chair we’ve had.” “The delegate response from your talk has been excellent, you are a really engaging presenter and people found the advice you gave really constructive and pragmatic.” “Lost count of the amount of times I've recounted things Greg said to my customers and left them in awe.” "His part in the event was amazing and definitely provided the wow factor."
Assisting CDW in helping drive business outcomes for customers. Messaging, strategy, and a holistic approach all help customers move beyond buying tools to firefight problems and move towards solving them sustainably to the benefit of the business.
More strategist than technologist, I help customers achieve better outcomes. It's my mission to provide our customers with a different approach to security that improves the business and supports the bottom line rather than burdening it.
I help vendors... -Build trusted relationships with customers by promoting understanding of the customer and helping them with useful insights and expertise. -Create marketing messages that resonate with what security teams and companies are aiming to achieve. -Creating content that addresses concerns and misconceptions and presents value propositions so your prospects are ready to be sold to. -Create strategic narratives and value propositions around products and offerings that increase their perceived value by the customer. -Advise Sales, Marketing, and Sales Engineering staff on how to better connect and convert through relevant storytelling and framing. -Educate and break down barriers with talks, hosting dinner or other events. See gregvandergaast.com for more details.
CMCG (Creative Minds Consulting Group) is my own consultancy, providing savvy executives with the insight to get the assurance they need, far surpassing what the information security status quo can provide, at a fraction of the cost. During my time operating I have: -Taken InfoSec organisations from highly dysfunctional to strategic contributors. -Identified several million $/€/£ in wasted spending. -Found countless issues and traced back their root causes. -Coached numerous CISOs and C-level executives. -Gotten organisations ISO27001 and PCI-DSS compliant without even trying (focusing on securing the company instead of chasing compliance, allowing transparency and compliance by default). -Dramatically improved internal visibility and security capability with no increase in cost (decreases as high as 30%). -Built phenomenal human talent and teams. Have a look at my articles on LinkedIn or contact me at [email protected] for more information.