Cyber defence · consulting · engineering

I help organisations build cyber defence that works in the real world.

Detection engineering, incident response, threat-led testing, and the messy human reality of running security in real organisations. Based in the UK, working in UTC.

Get in touch NED — cyber & AI What I do Projects Privacy resources
Selected work

Projects

Reverse-engineering an over-the-air attack that turned three meeting-room TVs into a covert data-egress channel.

HbbTV “Red Button” smart-TV attack research

A breach investigation in 2021 that traced a 94 GB data theft from a UK healthcare provider back to three meeting-room Samsung TVs, compromised over the air through the HbbTV "red button" interactive …
A slate-form portable cyber operations workstation, hardened by default.

Covert Cyber Deck

A 280 × 230 × 30 mm slate built around the Raspberry Pi Compute Module 5 with dual SDRs, monitor-mode Wi-Fi, a BlackBerry-style keyboard, and a fully hardened Ubuntu base. Designed to be self-containe…
Free, defender-focused intelligence on every IP address you can throw at it.

IP Insights

A free threat-intelligence service that answers a single question quickly: what is this IP address, and should I be worried about it? Backed by a network of 73 honeypots, tarpits, and deception device…
All projects
For the people who land here needing help

Privacy & anti-surveillance

Practical, opinionated, UK-flavoured resources for taking back control of your exposure and resisting the steady normalisation of surveillance. Long-time supporter of the EFF; long-time user of OpenPGP.

UK surveillance self-defence

Threat models, scenarios, and the toolkit — written for British readers and British law.

OSINT self-audit

Find what's out there about you, then take it down. UK-specific.

Encrypted contact

Signal, PGP, and other channels — tiered by sensitivity.
All privacy resources
Recent writing

From the blog

Vibe Coding, Shadow Development, and the Boardroom Conversation You Need This Quarter

12 May 2026

WIRED's reporting on thousands of leaking vibe-coded apps is 2017's S3 bucket era in new packaging. A CISO and non-executive director's view of the boardroom questions, regulator exposure and ninety-day plan.

Privacy Tuesdays: The Year of Phased Enforcement

12 May 2026

A CISO and NED view of the last fortnight in UK and EU privacy: age verification, Ofcom fines, the Digital Omnibus, the IPT hearing on Apple, and the ICO.

Five Days in May: The Week That Defined Cyber Security in 2026

11 May 2026

A reflection on a single week of cyber security disclosures — and what they tell us about the shape of the threat landscape, the maturity of attackers, and the choices defenders now need to make.

All posts