Approach
Leadership
Leadership is role-disclosed, identity-restricted. We reduce exposure while maintaining accountability through decision rights, separation of duties, and privilege-aware routing where applicable. Credential matrices, redacted case studies, and references are available in diligence packets under NDA.
Leadership Team
Clients receive named points-of-contact and engagement accountability. Public pages disclose roles, not identities, to limit threat surface and protect client confidentiality. Experience spans high-consequence work across North America, Europe, the Middle East, and parts of Africa and Asia-Pacific.
Executive Security Lead (FCSO)
Decides: risk posture, incident authority, high-risk travel and event approvals.
Interfaces: C-suite, board, outside counsel.
Director, Protective Intelligence
Decides: signal triage, escalation level, monitoring priorities.
Interfaces: EP/physical security, legal, comms.
Case Director, Litigation & Corporate
Decides: investigative scope, privilege routing, disclosure readiness.
Interfaces: trial teams, GC, outside counsel.
OSINT Fusion & Analytics Lead
Decides: collection plans, entity resolution, confidence scoring.
Interfaces: PI director, platform engineering.
HUMINT & Source Handling Lead
Decides: source vetting, contact strategy, deconfliction & payments.
Interfaces: counsel liaison, case directors.
Red-Team & Adversarial Testing Lead
Decides: test design, success criteria, remediation priorities.
Interfaces: FCSO, facility/IT owners.
Platform & Security Engineering Lead (Knox)
Decides: access controls, audit trails, data retention & redaction.
Interfaces: analytics, compliance, client IT.
Risk, Compliance & Counsel Liaison
Decides: policy alignment, legal holds, discovery posture.
Interfaces: GC, privacy, regulators.
Crisis Response Coordinator
Decides: activation, war-room cadence, cross-team comms.
Interfaces: FCSO, comms, external partners.
How We Run Sensitive Work
- Privilege-aware routing Counsel-first on matters likely to face discovery.
- Separation of duties Collection ≠ analysis ≠ approval.
- Dual-control Elevated access and sensitive source operations.
- Auditability Actions, edits, and decision points in Knox.
- Need-to-know partitioning Minimization and redaction by default.
Escalation & Decision Rights
| Trigger | Owner | SLO |
|---|---|---|
| Credible threat signal | Protective Intelligence Director | ≤ 60 min triage |
| High-risk travel/event change | FCSO | Same-day |
| Legal hold / disclosure question | Counsel Liaison | ≤ 24 h |
| Access exception / data request | Platform & SecEng Lead | ≤ 8 h |
| Public-facing incident comms | Crisis Coordinator + Counsel | War-room |
Diligence Available (Under NDA)
- Credential matrix by role (certifications, years-in-discipline, operating environments).
- Redacted case studies (problem → method → outcome; sourcing & confidence included).
- Client references (where permitted) and engagement accountability details.
- Security posture summary (data handling, retention, access controls, incident process).
- Insurance/licensing documentation as applicable to scope and jurisdiction.
Guardrails
- No covert activity without documented legal basis and client authorization.
- No pretexting for protected data; no scraping behind authentication without consent.
- All briefs include provenance, assumptions, and confidence—not just conclusions.