Profile
About
I help EU-licensed fintechs build defensible cybersecurity governance that survives regulatory review.
I've been a CISO since 2008 — 17 years in the seat, 24 years across IT and security. The last decade has been focused on financial services: past CISO seats at five EU-licensed fintechs, plus advisory engagements at four more, under supervision of the UK FCA, Lietuvos Bankas, Latvijas Banka, and the Central Bank of Cyprus. Names withheld per engagement NDA.
In 2020 I founded CyAdviso (SIA, Latvia) to bring CISO function to fintechs that need it but cannot justify a full-time hire — typically EMIs, PIs, and CASPs of 30–200 people working under DORA, NIS2, and local cyber-resilience regimes.
Based in Riga, Latvia. Chapter Lead at OWASP Riga and Cloud Security Alliance.
Topics
What I think and write about
- Regulator-facing governance — how DORA, NIS2, and MiCA actually land in practice for EU-licensed entities
- ICT third-party oversight — Article 28 Register of Information, contract clauses, concentration risk
- Evidence and audit trails — why the same control questions keep coming back and how to stop them
- Management body accountability — DORA Article 5 personal liability, board-level cyber oversight
- vCISO function design — named ICT-risk ownership for firms too small for a full-time hire
Writing
Selected pieces on fromCISO
Track record
Credentials
- Certifications
- CISM (ISACA) · CDPSE (ISACA) · SABSA Foundation · SABSA Foundation SCF
- Community
- OWASP Riga Chapter Lead · Cloud Security Alliance Chapter Lead
- Career
- CISO since 2008 · 17 years in the seat · 24 years in IT and security · 5 CISO + 4 advisory engagements
- Regulator coverage
- UK FCA · Lietuvos Bankas · Latvijas Banka · Central Bank of Cyprus
- Location
- Riga, Latvia · EU resident
Contact
Connect
For consulting enquiries — see cyadviso.com. For everything else — email or LinkedIn works best.