My name's Chris — though most people in the industry know me as HB. I'm a cyber security professional, CISSP, GIAC Advisory Board member, and career-long advocate for pragmatic, risk-based security.
I got into this field the way a lot of us did — by trying to break things. As a kid, it started with bypassing region locks on games consoles and pushing the limits of a Commodore Amiga. When I finally got my hands on a Gateway PC with an AMD K6-2, I realised just how much I didn't know — and I've been chasing that feeling ever since.
That curiosity turned into a career spanning military counter-intelligence, government security, and international diplomacy. Today, I work as a Senior Information Security Officer within HMG, delivering independent assurance across complex programmes and advising on risk at the strategic level. But I've never lost the hands-on itch — I still "test pens", build tools, break into labs, and stay close to the craft.
Outside of the day job, I develop small, practical tools aimed at helping fellow practitioners — the kind of things that soften the blow of eye-watering commercial licence fees. Some start as quick personal utilities that get a bit out of hand; others are collaborative efforts with people I've worked alongside over the years.
I also play the drums, which is a great creative outlet and a nice change of pace from the world of ones and zeroes. When I'm not behind a kit or a keyboard, you'll probably find me near a football pitch (watching rather than playing these days — bad knees...), chasing the F1 around the world (where time and finances allow), or lost in something sci-fi — Blade Runner, Ghost in the Shell, AKIRA, Aliens, or the works of James S.A. Corey and Terry Pratchett. The aesthetic of this site probably gives that away. I'm also an old-school gamer at heart, from a time before incomplete titles, endless patches, and microtransactions — and I still enjoy revisiting the classics.
Penetration testing, red teaming, exploit development, web application security, wireless assessments.
Cloud security (AWS, Azure), DevSecOps pipelines, scripting and automation (Python, PowerShell, Bash), secure design review.
ISO 27001, NIST CSF, risk assessment and treatment, security audit, policy and control frameworks.
Foreign, Commonwealth and Development Office • Senior cyber security authority delivering independent risk-based assurance across complex government programmes, live services, and architectural change. Responsible for ISMS compliance and formal risk assessment against ISO 27001, NIST CSF, CIS benchmarks, and HMG policy frameworks. Advises senior stakeholders and governance forums on security architecture, risk trade-offs, and secure-by-design decisions across on-premise, cloud, and hybrid environments. Previously deployed overseas as a Diplomatic Officer to the British High Commission in Nicosia, leading regional cyber security assurance across HMG estates in Eastern Europe and the Middle East.
SANS Institute • Conducted advanced security research into hardware, software, and human factors, publishing and presenting findings internationally. Designed and delivered cyber ranges and Capture the Flag challenges used for practitioner development and executive awareness, translating cutting-edge research into practical risk insights for government and industry audiences.
Royal Air Force • Began career as a Military Police Officer before specialising in information and cyber security. Progressed through increasingly senior roles including protective security, counterintelligence support, and information security across UK and overseas military installations. Led ISO 27001-aligned implementations, conducted technical security audits, and managed incident investigations. Final role as Information Security Specialist within Joint Force Intelligence Group (JFIG) PATHFINDER, providing expert cyber security advice to defence and intelligence programmes. Deployed on operations to Iraq, Afghanistan, and Cyprus.
Whether it's a collaboration, a security question, or just a conversation worth having — you know where to find me.