Gateshead, England, United Kingdom
I specialise in cyber security culture, awareness, and behaviour change, helping organisations reduce human risk and meet regulatory requirements such as the Network and Information Systems (NIS) Regulations and the National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF). Currently delivering cyber awareness and training within a regulated Critical National Infrastructure (CNI) organisation, I design and implement programmes that drive measurable behavioural change. This includes phishing simulations, role-based learning, and organisation-wide campaigns aligned to NIS, NCSC CAF, National Institute of Standards and Technology (NIST) frameworks, ISO27001, and Government Security Standards GovS 007. I enable adoption of cyber security initiatives by translating complex change into clear, business-focused communications, ensuring users understand and engage with programmes such as identity and access management and wider cyber transformation initiatives. Key outcomes: Reduced phishing click rates by 61% while threat reporting more than tripled, demonstrating sustained behavioural change and reduced human cyber risk Built and implemented cyber security training capability from a zero baseline, achieving over 80% workforce adoption Delivered cyber awareness and training to 6,000+ employees and supply chain partners Supported NIS (CAF) compliance through targeted culture, training, and awareness initiatives Previously, I led large-scale digital transformation programmes within the UK Civil Service, delivering multi-million-pound operational improvements and driving organisation-wide change. I focus on reducing human cyber risk by ensuring security initiatives are understood, adopted, and embedded into everyday behaviour.
Led organisation-wide cyber security culture and awareness programme across a regulated Critical National Infrastructure (CNI) organisation, supporting 6,000+ employees and supply chain, aligned to NIS Regulations and NCSC CAF. Designed and led a phishing simulation and behavioural change programme, reducing click rates by over 60% while more than tripling threat reporting, evidencing a measurable reduction in cyber risk. Built and implemented organisation-wide cyber security training capability aligned to NIS and CAF, establishing capability from a zero baseline and achieving over 80% workforce adoption. Established cyber awareness maturity baseline using NIST CSF, enabling measurement and continuous improvement of organisational behaviour and capability. Enabled adoption of key cyber security initiatives (including identity and access management) by translating complex change into clear, business-focused communications. Delivered executive-level communications and board engagement packs, securing senior leadership buy-in and supporting strategic cyber priorities Built and managed stakeholder engagement across CISO, GRC, SOC, HR, and external partners, ensuring alignment between cyber programmes and business objectives Translated cyber security policies and controls into clear, accessible guidance, improving understanding, compliance, and user engagement. Developed a centralised Security Hub, improving access to policies, training, and incident reporting channels across the organisation. Designed and delivered awareness campaigns, workshops, and engagement initiatives, increasing participation and embedding secure behaviours across the workforce.
Delivered digital transformation initiatives, including automation solutions generating £750k annual savings. Designed secure data-sharing pipeline with HMCTS, enabling 400k+ transactions annually. Reduced legal appeals by 10%, delivering £3m annual savings through improvements to decision-making processes. Developed and implemented policy and process changes aligned with legal rulings, reducing appeals and delivering £5m savings. Designed and delivered training and communication strategies to support adoption of digital and operational change. Led cross-functional stakeholder engagement across policy, digital, legal, and operational teams.
Led and developed teams of up to 100+ staff, improving productivity, compliance, and service quality. Developed and implemented quality assurance frameworks, using data insights to drive continuous improvement. Designed and delivered targeted learning and development programmes, improving capability and performance. Owned business continuity planning, ensuring resilience and continuity of operations across multiple sites. Led organisational change through restructuring and transition programmes, maintaining service performance.
Led operational teams, improving productivity by up to 25% through workflow redesign and performance management. Developed data-driven reporting and dashboards to support resource allocation and decision-making. Delivered implementation of major policy changes (Welfare Reform), ensuring compliance and operational readiness. Built team capability through coaching, training, and structured performance management.