Mike Yeomans

Mike is a cyber risk and strategy advisor to board and senior leadership, using risk quantification to deliver cost-optimised tech transformation and GRC programmes.

He has worked with organisations in sectors including: finance, manufacturing, and technology, with activities such as cloud migration, meeting compliance with DORA, and implementing 3rd party risk management programmes.

Mike has experience in strategy & risk, incident response, table-top simulations and playbook reviews, as well as working with law enforcement. He authored the ISF's risk quantification QIRA methodology and tool, helped update ISO/IEC 27002, and has written on topics including Cyber Insurance, Blockchain, and AI.

Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

Safeguarding Critical Supply Chain Data Through Effective Risk Assessment

What’s Hot on Infosecurity Magazine?

Predator Spyware Maker Intellexa Evades Sanctions, New Victims Identified

React.js Hit by Maximum-Severity 'React2Shell' Vulnerability

Louvre to Bolster Its Security, Issues €57m Public Tender

Chinese Botnet Bypasses MFA in Microsoft 365 Attacks

China-Linked Warp Panda Targets North American Firms in Espionage Campaign

How to Fix OST File cannot be Opened Error

Australian Man Gets Seven Years for Running “Evil Twin” Wi-Fi

Critical PickleScan Vulnerabilities Expose AI Model Supply Chains

#BHUSA: Microsoft and Google Among Most Affected as Zero Day Exploits Jump 46%

Gartner: 40% of Firms to Be Hit By Shadow AI Security Incidents

ShadyPanda's Seven-Year Campaign Infects 4.3M Chrome and Edge Users

Preparing for the Quantum Future: Lessons from Singapore

Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

Mastering Emerging Regulations: DORA, NIS2 and AI Act Compliance

Cyber Defense in the Age of AI: Stay Ahead of Threats Without Compromising Safety

Predicting and Prioritizing Cyber Attacks Using Threat Intelligence

Regulating AI: Where Should the Line Be Drawn?

What Is Vibe Coding? Collins’ Word of the Year Spotlights AI’s Role and Risks in Software

Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

Bridging the Divide: Actionable Strategies to Secure Your SaaS Environments

NCSC Set to Retire Web Check and Mail Check Tools

Beyond Bug Bounties: How Private Researchers Are Taking Down Ransomware Operations