Who are we?
Ashley Woodhall - Founder
After 10 years in cyber security I’ve seen a lot of change but crucially, I’ve learned that good security is just doing a couple of things consistently, and doing them very well.
Practical Infosec helps purpose-led organisations do those things very well, so they can do the good in the world they want while being protected.
I started the business after making myself a promise in 2019: If the next full-time employment role didn’t work out for any reason, I would build something myself which had meaning. I'm now finding meaning through my work, helping purpose-led organisations.
In addition to my BSc in cyber security, I'm certified to GCIH (ability to identify and respond to cyber attacks) and GCCC (ability to carry out audits against the Critical Security Controls).
I have worked in technical, risk management and strategic roles and for the last two years have been running Practical Infosec.
I am a mentor to students both privately and through organisations such as CAPSLOCK and the North East Business Resilience Centre (NEBRC). I have also served on a board of directors for 3 years.
Outside of work, I can be found (out of place) in Barcelona's hipster cafes, watching Liverpool FC, laughing out loud at Bill Bryson's travel books or getting lost in the city. I'm also learning to play chess as I find it infinitely challenging - challenge me on chess.com :)
Farzan Mirza - Cyber Security Consultant
Hi everyone! I am Farzan, I joined Practical Infosec in February 2022 and have assisted with the development and implementation of our services.
I have undertaken various tasks such as producing security articles for our website and clients, developing new services and of course, providing advice to our clients. Alongside my Practical InfoSec duties, I also recently started a volunteering role as a Helpline Responder with The Cyber Helpline.
My interest in Cyber Security stems from my childhood interest in technology & computers. Little side hobbies such as fixing computers and running my own website at 9 years old proved to be vital in developing my passion over the years.
Outside of the Cybersphere, you can usually find me spending time watching football, enjoying a good coffee whilst reading or racking up listening time on Spotify.
Why do we exist?
We want to make a difference. We love going the extra mile by supporting organisations who are making a difference in the world. If your organisation is supporting one or more of the 17 Sustainable Development Goals, we'd love to help you realise your goals.
We want to help sustainable organisations succeed through building practical, proportional security foundations which are appropriate for today and can scale tomorrow.
How do we provide practical assurance?
Importantly, we get to know your organisation really well. We spend time with your employees, demo your product or service and (if you'll let us) we occasionally listen in on calls.
Such context really helps us understand your organisation and cyber security needs, and helps us provide practical help, for example in the form of cyber security roadmaps which are proportional to your current situation and future growth.
Secondly, we shape all of our engagements around quantitative data on your organisation's specific context. We are up aware of the latest facts on where data breaches come from. This makes absolute sense for two reasons:
1. Every organisation faces different threats
2. The right data helps reduce subjectivity, inconsistency and inaccuracy.
Our methodologies are risk-based and consistent, but our services are tailored to you. And they are practical.
What value can we add to your organisation?
Because of our extra focus on getting to know you, the outputs of our assurance services are highly relevant to your security needs and importantly, they are practical and actionable.
We focus on a handful of information security subject areas so we can deliver extremely good value:
- Cyber Security Health Checks