Intelligent Resilience

AI security and cyber resilience consultancy. Specialist experience in NGOs, arms-length public bodies, and health-adjacent charities, the organisations most exposed and least protected.

Get in Touch Our Services

Services

Practical expertise in cyber resilience, AI security, and governance for mission-driven organisations

Cyber Resilience Strategy

Cyber security roadmaps aligned with NIST, CIS Controls, and Cyber Essentials, built around your risk appetite and board-level obligations, not generic best practice.

  • Strategic planning (3–5 year roadmaps)
  • NIST CSF & CIS Controls alignment
  • Risk and governance frameworks
  • Board-level assurance reporting

AI Security & Agentic Risk

Governance and oversight for AI systems in production, including agentic AI, autonomous decision-making, and the emerging risks that most organisations haven't yet planned for.

  • Agentic AI security assessment
  • AI governance framework design
  • EU AI Act readiness
  • Incident response for AI systems

Digital Resilience Assessment

Evaluate your current cyber posture against recognised frameworks. Identify the gaps that matter most, prioritise investment, and build a practical path forward.

  • Cyber maturity assessment
  • Gap analysis against standards
  • Investment prioritisation
  • Implementation roadmap

Autonomous Security Operations

Design and governance of AI-driven detection, investigation, and response. Reduce dependency on round-the-clock human monitoring while maintaining accountability and audit capability.

  • Autonomous detection & response design
  • AI platform evaluation (Darktrace etc.)
  • Operating model transformation
  • Governance and escalation frameworks

Learn more →

Sector Expertise

We work with organisations that operate under real constraints: funding pressures, regulatory scrutiny, and the expectation of doing more with less. That's where our experience sits.

International NGOs & Charities

Complex, multi-country IT environments. Donor reporting obligations. High exposure to targeted attacks on humanitarian data and beneficiary records, with limited in-house security resource.

WaterAid · Dementia UK · sector-adjacent organisations

Arms-Length Public Bodies

PSN compliance, Cyber Essentials requirements, and public accountability, combined with the governance complexity of organisations that sit between government and the market.

Victoria and Albert Museum · cultural and heritage sector

Health-Adjacent Charities

Working alongside NHS systems and DCB standards without the full NHS resource base. Patient-adjacent data, clinical partnerships, and the regulatory expectations that come with them.

NHS-linked charities · clinical support organisations

Technical Expertise

Frameworks & Standards

NIST Cybersecurity Framework, CIS Controls, Cyber Essentials, ISO 27001, PSN, DCB standards

AI & Autonomous Security

Agentic AI risk, autonomous detection and response, OWASP Agentic Top 10, AI governance

Governance & Risk

Board assurance, risk register integration, compliance reporting, incident response planning

Technology Platforms

Microsoft Defender, Sentinel, Entra ID, Darktrace, MDR evaluation and procurement

Operating Models

SOC alternatives, managed detection and response (MDR), internal security capability maturity

Regulatory Readiness

EU AI Act, GDPR, Cyber Essentials Plus, UK NCSC guidance, sector-specific compliance

About the Practice

Intelligent Resilience is a specialist consultancy focused on AI security, cyber resilience, and governance, with particular depth in the sectors that are most exposed and least well served by mainstream providers.

What We Do

We help organisations move from reactive, fragmented cyber security to intelligent, resilient operations. That means building strategies that hold up under pressure, governance frameworks that boards can actually use, and operating models designed for organisations that can't staff a 24/7 SOC.

Track Record

  • Dementia UK: reset underperforming IT function, established cyber monitoring and incident response capability alongside NHS-adjacent data obligations
  • WaterAid: stabilised a fragmented global IT estate and strengthened cyber governance across 26-country international operations
  • Victoria and Albert Museum: Cyber Essentials and PSN compliance programme for a major public cultural institution
  • American Express: large-scale, risk-critical technology environments with board-level cyber and resilience accountability
On the horizon: As agentic AI moves from pilot to production across the sector, the governance gap is widening. We're actively tracking the emerging risk picture, including the OWASP Agentic Top 10, Project Glasswing, and the regulatory signals coming from the EU AI Act, so our clients don't have to.

Current Focus

Now
Cyber resilience strategy, AI security governance, and autonomous security operations. Available for project work and advisory retainers.
2026
Expanding AI governance capability as EU AI Act obligations come into force. Smart cities and public infrastructure security briefings for ITU WG5.
2027+
Broadening into ecological resilience and sustainable systems design, building the long-term practice beyond digital security.

Thinking

Longer-form exploration of ideas that don't fit a fortnightly briefing. Questions without settled answers, connections worth making, and positions we're prepared to defend.

Cryptographic AI Security
April 2026

Proving the Machine Didn't Lie: Zero-Knowledge Proofs and the Future of AI Audit Trails

Zero-knowledge proofs were built to solve a problem in cryptography: how do you prove you know something without revealing it? It turns out the same question is now central to AI governance. What tamper-proof AI verification actually means in practice, and why the DeFi world solved this problem first.

Read the piece →
Coming Soon
May 2026

Antifragile by Design: What Taleb Gets Right About AI Governance

Resilience is not the same as robustness. An organisation that survives a cyber incident unchanged hasn't built resilience. It's got lucky. Nassim Taleb's antifragility principle applied to agentic AI: why the goal is to build systems that improve because of failure, not merely prevent it.

Subscribe to be notified →
Causal Security Analytics
April 2026

Root Cause or Red Herring? Why Security AI Needs to Stop Correlating and Start Reasoning

Security teams have spent a decade training AI to spot patterns. The smarter question is whether we've been asking it to do the wrong thing, and why causal inference changes what "root cause analysis" actually means.

Read the piece →
Coming Soon
May 2026

What Does "Auditable" Mean When the Decision-Maker Is an Agent?

Regulators and boards are asking for audit trails. But the audit trail concept was built for human decisions: discrete, attributable, reversible. When an autonomous agent makes ten thousand micro-decisions in the course of a single task, what does accountability actually look like?

Subscribe to be notified →

Insights

Get in Touch

Interested in discussing your cyber resilience strategy or AI security approach? We'd like to hear from you.