The Team & Approach page strengthens trust quickly. It lets prospective clients see who will perform the work, why the team is qualified, and how Digital Assurance Group turns assessment activity into business-ready results.
The team
Our team has performed global cybersecurity assessments and operated security, risk, privacy, and governance programs across complex enterprise and regulated environments.
Cybersecurity leader with deep experience building and leading global assessment, third-party risk, vendor risk, compliance, M&A security, and operational security programs across Fortune 500 and high-growth environments.
Founder and CEO of Malama Advisory with 30+ years in cybersecurity, privacy, risk management, compliance, executive advisory, global assessments, and governance leadership across major technology and enterprise environments.
UK-based information security and cyber risk specialist with 30+ years across government, international programs, critical national infrastructure, finance, energy, aviation, high technology, privacy engineering, and global supply chain security.
Cybersecurity and information security professional with 30+ years of enterprise risk and global assessment experience across M&A, third-party risk, vulnerability assessment, and major security frameworks.
Operating credibility
Our assessments are not checklist exercises. We evaluate governance, evidence, implementation, ownership, monitoring, and remediation from the perspective of people who have built programs, led teams, defended production environments, managed audits, and reported risk to executives.
Our methodology
We focus on what can be proven, what matters to the business, and what leaders can act on.
Define objectives, business context, systems, third parties, data sensitivity, frameworks, and stakeholders before assessment work begins.
Review policies, standards, artifacts, architecture, workflows, system evidence, ticketing data, control ownership, and operating records.
Meet with control owners and operational teams to validate how controls are designed, implemented, monitored, and improved.
Identify gaps, assess impact and likelihood, distinguish design issues from operating issues, and prioritize remediation around business risk.
Deliver clear reporting that includes strengths, gaps, risk themes, control effectiveness, remediation recommendations, and leadership-level decisions.
Support follow-up validation so remediation progress can be measured, evidenced, and communicated with confidence.
We provide a clear view of risk and control effectiveness without unnecessary complexity or vendor-driven bias.
We recommend actions that can be implemented in real environments with real operational constraints.
We communicate findings in a way that supports board, audit committee, procurement, legal, security, and technology decisions.
For scoping, availability, or general questions, contact Digital Assurance Group at the email below.