What I bring to the table

Threat modelling & preparation

Threat modelling & preparation helps make sense of how adversaries might actually approach your systems and people. The focus is on attacker-centric models that map power structures and behaviours, rather than abstract risk categories. It is a participatory process, often involving journaling, mapping, and shared documentation, to surface different perspectives and align understanding across a team. The result is not a static report but a working model that can be revisited, tested, and adapted as situations change.

Facilitated choreographies

With just a few essential choreographies teams can plan change by starting with the desired state and working backwards to the present, surfacing the actions, dependencies, and obstacles along the way. Crucially, these are not linear roadmaps but looping, adaptive processes: as you move through them, new dependencies and risks will emerge, requiring steps to be revisited, reshaped, or dropped entirely. By combining scenario planning, backward mapping, and regular temperature checks, organisations can anticipate challenges before they hit and adjust course in real time. The term “choreographies” reflects that this is not a solo exercise but a collaborative movement, where steps are coordinated, rehearsed, and revised together.

Workshops

Our training approach draws on Montessori’s hands-on experimentation and self-paced learning, Virginia Satir’s human-centric role-play and organisational development, and Gerald M. Weinberg’s principles of change and effectiveness management. Participants learn by doing, reflecting, and adapting, with exercises designed to develop insight, collaboration, and practical resilience in organisational contexts.

Within this framework, four distinct strands of workshops guide skill and capability development. Guerrilla Gardeners can focus on reclaiming and nurturing digital spaces with playful, practical exercises. Myrddin’s Menagerie explores attacker behaviours and tradecraft, teaching teams to spot, move, and protect assets in a simulated wild environment. Stormforge places crews in turbulent, storm-like conditions, building skills to patch, respond, and improvise under pressure. Cross-training & capability building develops multi-skilled teams through rotations, gamified labs, and adversarial exercises, strengthening both individual competence and collaborative agility for purple teaming.

What you can use these for

We support small and scaling-up organisations with organisational development and system effectiveness consulting for strengthening their security posture and operational resilience. From hands-on workshops and scenario planning to threat modelling and incident response, our services blend practical exercises, strategic foresight, and governance guidance to help teams anticipate, respond to, and learn from challenges effectively. For example, for:

Security culture & awareness programmes

Embedding security thinking into day-to-day operations, from executives to staff. Interactive workshops on social engineering, phishing simulations, and human factors in security. Custom learning paths that fit organisational maturity and team roles.

Incident response & crisis facilitation

SIRT setup for small organisations and SOC advisory for larger ones. Tabletop exercises and live simulations to test response procedures. Crisis communication training and continuity planning.

Organisational risk audits & resilience assessment

Mapping organisational assets, dependencies, and critical processes. Identifying weak points not just technically, but socially and procedurally. Actionable insights for mitigation, prioritisation, and ongoing monitoring.

Strategic foresight & scenario planning

Model emerging risks and disruptive technologies. Develop multiple plausible futures and test organisational assumptions. Facilitate contingency and decision-making frameworks that embed resilience.

Threat modelling workshops

Hands-on, participatory modelling of adversary behaviour and operational risks. Develop attacker-centric scenarios that inform concrete defensive measures. Supports learning, alignment, and cross-team collaboration.

Knowledge transfer & playbook development

Capture lessons learned from incidents or exercises. Build operational manuals, SIEM dashboards, detection playbooks, and SIRT/SOC workflows. Tailor content for onboarding new staff or cross-team rotations.

Compliance & governance advisory

Advice on GDPR, ISO 27001, and sector-specific security regulations. Facilitate governance workshops that align organisational processes with security practices. Gap analyses with actionable recommendations.

How I work

• Dutch ZZP (KvK & VAT registered)
• Prefer direct, project-based work with clear outcomes
• Happy to collaborate on public interest tech, safety infrastructure, or field research
• I do not outsource, overpromise, or sell data