Cyber Security & Risk Strategies that Work


CSO Confidential and its Associates are engaged with a whole range of cyber security strategy activities and projects for both companies and government departments. This site briefly highlights some of our key activities and provides some links to our work projects as well as pointers to white papers, lectures and other publications. Please follow the links as that is where you will find much more detail.


World Economic Forum Logo

Board and Executive Cyber Security Advice

We support Boards of Directors and Business executives in understanding cyber security risk and how it can be reported and managed. We also support CISOs in developing their Board and executive metrics. We recommend the World Economic Forum report "Advancing Cyber Resilience: Principles and Tools for Boards" which we had the pleasure of being involved with.


Generic placeholder image

Academic Research

Many cyber security problems present technical, or more often, managerial challenges which need leading edge thinking to address. We work closely with universities including Royal Holloway, where Paul Dorey is a Visting Professor in Information Security, to get access to leading thinking.


Generic placeholder image


We have contributed to a number of books and have produced white papers on a range of cyber security topics. Cyber security is not just about technology but is also concerned with organisation and the behaviour of individuals. We explain how to deal with these security challenges in 'The Weakest Link' published by Bloomsbury. Our overview on the security of the Internet of Things is covered in a chaper in 'Smart Cards, Tokens, Security and Applications' published by Springer.


Latest Work

Our very latest work probably has not yet reached this web site, but here are some tasters!


Energy Cyber Security

We faclitate the UK electricity and gas cyber security task group, consisting of the 26 major operators together with key government departments. You can find out more aout the work on the E3CC information web site.


Leading Edge Technology - The Internet of Things.

Our work on cyber security strategy is informed by technology innovation and transformation in business. The Internet of things (IoT) is a key advance which is transforming how we approach the use of technology and the cyber security management which goes with it. Our founder Director is also the Chairman of the IOT Security Foundation which has a key role in devising good security practices and promoting adoption of security and privacy in IoT.

Cyber security impacts (almost) everything

Our clients cover financial services companies and banks, energy companies, technology companies, pharmaceuticals, retailers, shipping and logistics, professional services, education, government and not for profit organisations. Cyber security impacts almost everything and everyone as digital systems have become pervasive. Why not make contact to find out if a case study matches your experience.


CSO Confidential is a boutique consultancy firm, working with group of associates, which was founded and led by Paul Dorey to provide support to in-post security and risk leaders and provide better access to the best independent security consultants, interim CISOs and expert witnesses. A particular mission of CSO Confidential is to improve the connection between executive risk management decision making, information security and the research community.



CSO Confidental Ltd
PO BOX 306