CISO & Resilience Architect
Author of the Resilience Operating Model (ROM)
I design the enterprise security, identity, and resilience architectures that allow complex institutions to operate under stress, govern risk at scale, and demonstrate regulatory readiness to boards and regulators.
Resilience Is the New Compliance
Identity as a Control Plane
When identity moves from an access function to an architectural foundation, it becomes the first indicator of institutional resilience.
Architecture Determines Outcomes
Systems fail because of architectural decisions, not tools. Architecture shapes dependency risk, vendor exposure, and how enterprises behave under stress.
Operational Resilience as Strategy
The organizations that endure are those that can demonstrate performance during disruption, maintain trust, and prove adaptability to regulators and boards.
The Resilience Operating Model (ROM)
A unified operating model that integrates cybersecurity, technology, risk, continuity, testing, and assurance into a single discipline of measurable performance.
About
More than two decades across military intelligence, global financial services, and enterprise cybersecurity. I’ve led security and resilience programs at institutional scale — designing governance frameworks, leading identity-driven security programs, managing enterprise risk across matrixed organizations, and directing incident response when conditions deteriorate.
Speaking
I speak with boards, leadership teams, and regulatory forums about resilience, cybersecurity, and the architectural decisions that determine how modern enterprises withstand complexity and disruption.