About me

About me

I am a Senior Manager at Deloitte specializing in cybersecurity, with 24 years of experience helping enterprises secure their most critical systems.

For the past year I have been focused almost entirely on one problem: the gap between how fast enterprises are adopting AI and how little governance infrastructure exists to manage it. Most organizations have dozens of ungoverned AI tools in active use, no structured audit trail for the prompts reaching their models, and no way to show an auditor—or a board—what is actually happening across their AI environment.

I write about this problem from the inside. Not as an analyst summarizing research, but as a practitioner who has spent time with the CISOs, CFOs, and security teams dealing with it directly.

On this blog you will find:

  • What enterprise AI governance actually requires in practice — not theory
  • How to approach the EU AI Act, SOC 2, and HIPAA in the context of AI
  • The security risks most organisations are not thinking about yet
  • Frameworks and approaches I have found useful working with enterprises

I publish one article per week. If you find it useful, subscribe below—I send each article directly to your inbox.

You can also find me on LinkedIn.