When does an organisation need an Interim CISO?

Common triggers include an unplanned CISO departure, a cyber incident requiring experienced leadership, a regulatory examination requiring a credible CISO in post, a major merger or acquisition requiring security integration leadership, or a period where board confidence in the security function needs to be restored quickly.

How quickly can an Interim CISO be in place?

An experienced Interim CISO can typically be engaged and operational within days of an initial conversation. The value of interim appointments is time-to-impact: the board, regulators, and security team need credible leadership immediately, not after a months-long onboarding process.

What is the difference between an Interim CISO and a Fractional CISO?

An Interim CISO fills a full executive role on a fixed-term basis, typically full-time or near full-time, until a permanent appointment is made or a specific mandate is complete. A Fractional CISO provides ongoing part-time CISO leadership for organisations that do not need a full-time appointment. The distinction is scope and time commitment rather than seniority.

Interim CISO London & UK

Senior cyber security executive leadership, available when you need it most

An Interim CISO provides full executive security leadership on a fixed-term basis, taking ownership of the CISO function, not just advising on it. For organisations facing a leadership gap, a major transformation, a regulatory deadline or an incident recovery, this is the fastest route to credible, operational cyber security leadership without a permanent appointment.

Interim vs. Fractional CISO

An Interim CISO takes ownership. A consultant advises

The distinction between an interim executive and a consultant is fundamental. A consultant analyses, recommends and departs. An Interim CISO steps into the role, attends leadership meetings, runs the security function, reports to the board, engages with regulators, and is accountable for outcomes, for the duration of the engagement.

That ownership is what organisations in genuine need require. When a CISO departs unexpectedly, when an incident exposes a governance gap, when a merger creates urgent security integration pressure, or when a regulatory deadline requires credible security leadership to be in place, advisory is not enough. The organisation needs someone in the role.

I have served as a full-time CISO at MS Amlin, British Land, Suntory Group and Xoserve, and as Interim Group CISO at Planet Payment, onboarded directly by Advent International. That is the operational background an Interim CISO engagement draws on.

What an Interim CISO takes responsibility for

Leading the security function and team

Board and executive committee reporting

Regulatory engagement and compliance oversight

Security risk management and governance

Incident response decision-making and escalation

Security programme direction and delivery oversight

Permanent CISO search support and handover

Vendor and third-party security management

When an Interim CISO Is Required

The situations that require an Interim CISO, not a consultant

CISO Departure or Vacancy

When a CISO leaves, planned or unplanned, the gap is immediate. Board reporting continues, regulatory obligations continue, incidents do not wait. An Interim CISO covers the function from day one, maintaining continuity while a permanent appointment is made on the right timeline rather than under pressure.

M&A and Post-Merger Integration

Acquisitions create concentrated security risk. Inherited technology, undisclosed vulnerabilities, overlapping regulatory obligations, and the operational disruption of integration all require active security leadership. An Interim CISO takes ownership of the security dimension of M&A integration from deal close through to a stable security baseline.

Incident Response and Recovery

Following a significant security incident, organisations frequently need credible, independent security leadership to manage the recovery, engage with regulators, rebuild governance, and demonstrate to the board that the root causes have been addressed. An Interim CISO brings independence and experience to that recovery.

Regulatory Deadline Pressure

DORA, NIS2, FCA cyber resilience assessments and Lloyd's market security requirements all create deadlines that require a credible, accountable security lead in place. An Interim CISO provides the executive presence and regulatory understanding needed to meet those obligations on time.

Deployment & Track Record

Deployable quickly. Credible immediately

The value of an Interim CISO is time-to-impact. Organisations in genuine need cannot wait months for an executive to develop context and relationships. The appointment needs to be credible from day one, with the board, with regulators, with the security team, and with the business.

With 25 years of CISO experience across financial services, insurance, critical infrastructure, and private equity-backed businesses, I bring the track record that boards and regulators recognise, and the operational experience to contribute from the moment engagement begins.

Interim CISO engagements typically run from three to twelve months, with scope and structure agreed to match the specific situation. For organisations also considering a fractional CISO arrangement, I am glad to discuss which structure is the better fit.

Planet Payment, Interim Group CISO

Onboarded by Advent International to lead security across a newly consolidated PE portfolio spanning global payments, hospitality technology and tax refund businesses.

MS Amlin, Group CISO & Group DPO

Lloyd's market insurer with international operations. Enterprise security governance across a complex, regulated organisation.

British Land, CISO

FTSE 100 real estate investment trust. Full enterprise security strategy and governance.

Xoserve, Director of Cybersecurity Strategy & Transformation, DPO

UK's Central Data Service Provider for the gas industry. Critical national infrastructure, concurrent CISO and DPO responsibilities.

Suntory Group, Director of Cybersecurity Strategy and Transformation

Global FMCG, 40+ countries. Enterprise-wide information security and data protection strategy.

Need an Interim CISO in London or across the UK?

Describe the situation, the gap, the timeline, and the context. I will respond personally and directly.

Arrange a Conversation