Training that changes what people do, not just what they know.

Most security training ends when the slides do. People can recite the policy back to you and still freeze when it actually matters. These workshops work the other way around. They’re facilitated, hands-on, and built around your organisation, so the learning happens in the room and stays there after everyone has left.

I run them for the people who actually have to act, from the management setting the direction to the responders working the incident. Each one is shaped around what your team really does and where it keeps getting stuck, not a generic curriculum.

Two workshops. Pick the room you need to change.

Management Training

A half-day that gets management ready for what NIS2 actually asks of them, run through the EXPOSURE game rather than a lecture.

Incident Response Workshop

Turn the tabletop exercise into an immersive session your responders actually want to run, not sit through.

Not sure which fits?

Tell me who needs the training and what they keep getting wrong, and I’ll shape a session around it.

No cookies here

Notice there’s no cookie banner here.
That’s intentional and the site is still GDPR-compliant. I chose to avoid cookies and stick to basic, privacy-friendly stats.
My analytics are cookieless: self-hosted Plausible (EU) and PostHog in cookieless mode, with your IP anonymized. No cross-site tracking, nothing that identifies you.
The one cookie I can set does the opposite of every other cookie: it tells my stats to ignore you completely, and you only get it if you ask.

Everybody wins.