Mentoring for individuals

Home

Clarity
Capability
Confidence

Purple icon of a man walking up hill towards a flag at the topmentoring for individuals

Are you an individual interested in a career in cybersecurity and unsure where to start?

Or perhaps you're a current practitioner feeling disillusioned and considering leaving the profession?

Whilst family, friends and work colleagues can be great sounding boards; there's value in working through things with the support of someone independent with no vested interest.

We can help!

We have a proven record of helping job seekers go from being unable to secure interviews to getting their foot in the door, improved interview performance and, where it's the right match on both sides - securing that cybersecurity role!

Book a FREE 30 minute mentoring session (opens in a new window)
Head and shoulder shot of Michala Liavaag. A brown woman with wavy long black hair is smiling broadly. She is wearing a dark blue dress with a narrow white border on the neckline and a narrow white stripe down the middle of the dress. She also wears glasses.

"I love sharing knowledge and lessons I have learned.

I enjoy having interesting discussions, learning new things and be reminded why I love working in cybersecurity.

I hope to inspire more people to join the cybersecurity field."

- Michala Liavaag

Group Mentoring

Purple background with a white shield edged with a lime green. The shield contains the WiCys logo and the words 'Proud to be a WiCys Mentor'. There is a bright blue ribbon across the bottom of the shield with the writing '23 CohortWiCys

I am proud to be one of the Women in CyberSecurity's mentors.  The scheme enables me to provide mentoring to a small group of women; I also learn from each of them.

If you're a woman in cybersecurity and you aren't a member yet, do consider joining!

Cybersecurity Mentoring HubPhoto of a laptop showing a video call in progress, there are lots of different people on the screen. There is a green mug in the left hand corner.

It was Noureen, founder of the CyberSecurity Mentoring Hub, who inspired me to start giving back to the industry in this way.  She holds a monthly call featuring a presentation on a specific topic followed by Q&A for mentees.  

Be sure to check out their LinkedIn group.

One-to-One Mentoring

Basic

First-come, first served
Duration: 30 minutes
Per person limit: 1 per month
Slots available: 2-4 per week

I make a couple of hours available most Friday evenings for anyone needing support with a particular issue or signposting where to go next.

Book a FREE 30 minute mentoring session (opens in a new window)

Standard

Invitation only
Duration: 45-60 minutes
Per person limit: 1 per month
Slots available: 1/2

This is reserved for a handful of ad-hoc mentees who I have offered additional sessions over time without formal committment on either side.

ENHANCED

Invitation only
Duration: 60-90 minutes
Per person limit: 1 per week initially moving to 1 every 2 weeks
Slots available: 0/1

This is a long-term (typically a year) formal committment requiring dedicated time and effort from the mentee.

Frequently Asked Questions

If I am oversubscribed at the time you need mentoring support, consider:

  1. Reaching out to one of the other amazing mentors at the CyberSecurity Mentoring Hub or the Cyber Mentor Dojo.
  2. If you're a member of a professional industry body
    1. Reach out to someone in the network. Lots of people are happy to support you for free on your career journey.
    2. Find out if they have a formal mentoring scheme in place, e.g.
      1. Women in Cybersecurity (WiCyS)
      2. ISACA London mentoring scheme
  3. If you still want to pay me for a session...yes, you can book a private paid session with me (subject to availability).

'A mentor is a more experienced individual willing to share knowledge
with someone less experienced in a relationship of mutual trust'
- David Clutterbuck

Having one or more mentors in our life can make a significant difference to both the direction and rate of growth in our chosen career, and as people. Although there are many 'flavours' of mentoring, they all have one thing in common; the mentee (person seeking support from a mentor) needs to be ready and willing to drive their own development.

'Mentoring is a learning relationship, involving the sharing of skills, knowledge, and expertise between a mentor and mentee through developmental conversations, experience sharing, and role modelling. The relationship may cover a wide variety of contexts and is an inclusive two-way partnership for mutual learning that values differences.'

EMCC Global

Yes, it is available as a paid service.  Please see the mentoring for organisations page.

As security professionals we already operate in accordance with the Code of Conduct of our professional industry bodies.

For our mentoring service, Michala is a member of EMCC UK and voluntarily adheres to the EMCC Global Code of Ethics.

This includes a duty of confidentiality to the mentee with exceptions for (a) their safeguarding and wellbeing and (b) references during the mentor’s supervision sessions.

Book a FREE 30 minute mentoring session (opens in a new window)

CSIRTxp: Cyber Security Incident Response Experience - Can Your Organisation Handle An Attack?

Home

Clarity
Capability
Confidence

Can Your Organisation Handle A cybersecurity incident?

Every day, It seems that every day we hear of a company being hacked, a hospital unable to provide patient care due to ransomware taking over their systems, our details accidentally published online for the world to see.

Tabletop exercises and live-play simulations are efffective ways to find out how your team would cope in a cybersecurity crisis.

At Cybility we provide a unique gamified learning experience with a highly interactive and immersive scenario that can be tailored to your organisation. 

It is a business focused experience designed for leaders, senior management, and subject matter experts from across the organisation that are likely to be involved in responding to a cyber security incident.

I'd like to know more, let's book a free call.

Why Rehearse Incident Response?

As the compromises of organisations continue to Increase resulting in a halt to operations and increased costs; more organisations recognise the need for a cybersecurity incident response plan.

However, a written plan is only effective when it is tested on a regular basis – ideally using different scenarios and taking account of personnel availability and changes, and so on.

The process of going through a mock scenario is incredibly useful as it will:

  • Enable the organisation to identify potential gaps in the plan and procedures that may be needed;
  • Build incident response capability within the team;
  • Increase understanding of the need for the different roles to be involved;
  • Build a sense of comradery in the cybersecurity incident response team (CSIRT).

Like any activity - when repeated regularly it creates a habit.  The more you do it, the more confident you can be in your organisation’s ability to respond to a cyber-attack.

1. Prepare

Complete our pre-exercise e-learning course to give everyone a solid baseline

2. Participate

Actively contribute to the Cyber Security Incident Response Exercise Scenario

3. Probe

Share candidly in the cold wash (debrief) to generate lessons learned

On completion of the experience, your organisation is provided with an After-Action Report (AAR) that includes focus areas for improvement to inform your organisation’s cyber security resilience planning.On completion of the experience, your organisation is provided with an After-Action Report (AAR) that includes focus areas for improvement to inform your organisation’s cyber security resilience planning.


On completion of the experience, your organisation is provided with an After-Action Report (AAR) that includes focus areas for improvement to inform your organisation’s cyber security resilience planning.Participants receive a digital certificate and are issued witih the Cybility Cybersecurity Incident Response Team Experience (CSIRTxp) Alumni badge which can be shared on LinkedIn or other social media.

Frequently Asked Questions

We will be taking notes throughout and provide these to you as an After-Action-Report (AAR). Whilst we do record to assist in producing the AAR, we typically do not provide recordings of the sessions to clients unless explicitly requested as part of the project scope.

Yes, we offer a 15% discount for this service for charities that are registered in the UK.

To claim this discount the charity must be active and currently registered with one of the following:

  • Charity Commission in England and Wales,
  • Scottish Charity Regulator in Scotland (OSCR);
  • Charity Commission for Northern Ireland (CCNI).

Resources

Home

Clarity
Capability
Confidence

Resources

It's hard knowing where to start when there is lots of free information available on the internet.

We encourage you to check out our curated resources, in order to build your vocabulary and toolset to engage with your technical team and suppliers.  

This is an important step in the journey to make your organisation more cyber resilient and better protect the people you serve.

We will keep adding to these over time so do come back and visit 😀


Photo of Michala Liavaag holding a pile of books with the spines showing the titles of each book. She is holding the top book facing the camera; it is a copy of the book 'Rise of the Cyber Women volume 2' - it has a red cover (Michala is a brown woman with long black wavy hair. She is wearing a white jacket.Books

Read about Michala's journey into cybersecurity in the final chapter of Rise of the Cyber Women volume 2.

We're sharing this book list that Michala created over on Goodreads containing books that she has either read herself or other women in cybersecurity have highly recommended.

Cybility - cybersecurity consultancy and training

Home

Clarity
Capability
Confidence

Welcome to Cybility!
Cybersecurity Consultancy and Training with a Twist

Working with leaders to embed cybersecurity governance into their organisations using 'the cybersecurity conductor's companion™'.

Reducing human risk with our H.A.C.C.E.R. approach - playful learning that changes behaviours.

Join the choir of happy clients 

Hear what Jodie had to say about engaging Cybility to deliver live training for their staff and the executive leadership team; even though they already have annual e-learning in place...

Jodie Thwaites, Head of IT, ShareAction (UK charity)

Manage Cybersecurity Risk

Experienced leadership and expertise as and when you need it

With over 20 years in IT and a decade of information governance and cybersecurity leadership experience, we understand how frustrating and stressful working in the field can be. With limited resources and new threats around the corner to prepare for, your work is never done.

That’s why we're able to deliver services that reduce anxiety and give you the capacity to take a proactive approach, demonstrating that with you in the lead, security really is a business enabler.

Virtual Chief Information Security Officer (vCISO) aka Fractional CISO

Need a security leadership presence and don't have the budget for a full-time CISO?

Cybility's vCISO service gives your organisation a named cybersecurity leader that creates and drives implementation of a strategy at a reasonable price (annual subscription).

Learn more about our vCISO service

CISO Advisor (Hour)

When you don't need a long engagement and just want to bounce ideas off a subject ­matter expert, Cybility's CISO advisor can help. 

From as little as one hour up to four at a time, we offer affordable call-off packages and subscriptions that provide you with expert advice as and when you need it.

Learn more about our CISO advisor service

Train your people with CybilityXP

Playful Learning Experiences Customised to Your Organisation

Icon showing the heads and shoulders of 3 people with curved lines between them to make a complete circle. Thee is a plus sign in the centre.

Human Risk and Security Culture

People are at the heart of every organisation. With the right support, they can become a strong part of your security defence.

We provide a range of training, education, and awareness workshops delivered live online or on-site.

Read more about our learning experiences
Silver solid icon showing the side of cupped hand. There is a circle sat atop the hand and inside the circle is a representation of a person.

Mentoring for Organisations

Looking for a solution to the skills gap?

There are many people that answered the call and made the transition to cybersecurity; they just need a chance to prove they can do the job.

Bridge the experience gap and give your staff an XPboost.

Read more about our mentoring services
Image of the inside of our cybersecurity awareness Cyber Toon Tips Wall Calendar showing examples of a couple of months with tips on the top half and calendar on the bottom

2024 Cyber Toon Tips Calendar In store now!

Whether organising your cybersecurity awareness campaign or educating your family - it's guaranteed to brighten any room.

Cacophony to Compliance

Tuning into Trusted Frameworks like ISO 27001, NIST CSF and more

Gap Analysis

Industry standard frameworks and certification standards are helpful to your security programme - no matter how large or small your organisation is.

We can perform a gap analysis and provide implementation support.

Check our this case study and testimonials to learn how we've helped others.

I think you can help me, I want to book a call.

Amplify Assurance 

Elevating Security with Independent Verification

Amply Assuring Assessor

Trust in the services you provide is vital to your beneficiaries, customers and board of directors / trustees amongst others.

We can help provide that assurance through several approaches including putting your leadership team through its paces with cybersecurity incident response table-top exercises and simulations.

Supply Chain (clients)

The importance of security in the supply chain has come to the fore over the past couple of years with several significant security incidents cascading from one company to another.

When your clients ask for evidence of good security practices, are you able to answer with confidence?

Supply Chain (suppliers)

Are you confident that your suppliers are protecting your data appropriately?

Are you confident that they proactively inform you of securiy incidents that may impact your organisation?

Learn how we can support your supply chain risk management program. 

I think you can help me, I want to book a call.

Sign up to the Cynpost

Stay up-to-date with our latest news and resources

Your information

📧 We promise we won't spam you.
💂🏾‍♂️ We promise we will protect your information.

We will only use your information for the following purposes:

  • email you content that you have requested from us;
  • with your consent, occasionally email you with targeted information regarding our service offerings and/or events;
  • invite your views on cybersecurity in your industry sector;
  • continually honour any opt-out request you submit in the future;
  • comply with our legal and/or regulatory obligations.

Further information about how we use and protect your information in in our privacy policy

Mentoring for organisations

Home

Clarity
Capability
Confidence

Purple icon of a man walking up hill towards a flag at the top

Cybility Experience (XP) Boost - our mentoring service for organisations

Does your organisation knows that it needs to reduce cybersecurity risks yet you don't have experienced cybersecurity specialists in-house to make that happen?

Perhaps you are struggling to hire cybersecurity professionals with the level of experience you want at a price you can afford?

Possibly your anxiety level rises as each day ticks by without filling that open vacancy which means your organisation isn't as resilient as you'd like your customers to believe?

We can help!  Hire a promising candidate for their passion, curiosity, and tenacity. Give them the experience they need by proxy through our mentoring-as-a-service and they'll likely become one of your top performers.


Sound good? Let's talk!

"I love sharing knowledge and lessons I have learned.

I enjoy having interesting discussions, learning new things and be reminded why I love working in cybersecurity.

I hope to inspire more people to join the cybersecurity field."

- Michala Liavaag

The Cybersecurity 'Skills Gap' and Mentoring-as-a-Service

Mentoring has never been more important given the current landscape in which people talk about a 'cybersecurity skills gap'; I always say it is 'an experience gap'. Yet the pipeline of talent coming through from apprentices to graduates and career changers; all are consistently struggling to get jobs due to the lack of experience.

We believe that there are opportunities for organisations to hire these aspiring cybersecurity professionals, acknowledge that they have less experience than the organisation would ideally like, then take a risk-based approach to it and implement a control to reduce the risk. Mentoring can be that control.

With our Mentoring and Coaching Service

  • The organisation benefits - by filling a vacant post, activities that were not being performed previously will be. This will increase the organisation's cyber resilience. It's also demonstrates the organisation's committment to developing people.
  • The aspiring cybersecurity professional benefits by
    1. Getting a job to pay the bills,
    2. Gaining real-world experience, and
    3. Having the reassurance of the safety-net of a mentor who can share their knowledge and experience with them.
  • The cybersecurity industry benefits as it's one more cybersecurity professional in the experience pool protecting organisations.
Yes, I know someone that would benefit from your corporate mentoring services - let's talk!

Basic

6 mentee sessions

2 manager debrief sessions

Standard

12 mentee sessions 

4 manager debrief sessions

ENHANCED

24 mentee sessions

8 manager debrief sessions

Yes, I know someone that would benefit from your corporate mentoring services - let's talk!

Frequently Asked Questions

'A mentor is a more experienced individual willing to share knowledge
with someone less experienced in a relationship of mutual trust'
- David Clutterbuck

Having one or more mentors in our life can make a significant difference to both the direction and rate of growth in our chosen career, and as people. Although there are many 'flavours' of mentoring, they all have one thing in common; the mentee (person seeking support from a mentor) needs to be ready and willing to drive their own development.

'Mentoring is a learning relationship, involving the sharing of skills, knowledge, and expertise between a mentor and mentee through developmental conversations, experience sharing, and role modelling. The relationship may cover a wide variety of contexts and is an inclusive two-way partnership for mutual learning that values differences.'

Source: EMCC Global

Yes, in various ways.  Please see the mentoring page for private individuals which includes information about both free and paid sessions.

As security professionals we already operate in accordance with the Code of Conduct of our professional industry bodies.


For our mentoring service, Michala is a member of EMCC UK and voluntarily adheres to the EMCC Global Code of Ethics.


This includes a duty of confidentiality to the mentee with exceptions for (a) their safeguarding and wellbeing and (b) references during the mentor’s supervision sessions.

Yes, we do offer discounts for charities that are registered in the UK.

To claim this discount the charity must be active and currently registered with one of the following:

  • Charity Commission in England and Wales,
  • Scottish Charity Regulator in Scotland (OSCR);
  • Charity Commission for Northern Ireland (CCNI).
Yes, I know someone that would benefit from your corporate mentoring services - let's talk!

Cybility Savvy - Podcast and YouTube Channel

Home

Clarity
Capability
Confidence

Cybility Savvy

Cybility Savvy is a podcast that offers bite-sized cyber security advice for busy leaders who have responsibility for cybersecurity and it is not their area of expertise.

Whether you are member of the board or the C-suite, you will find easy-to-digest, actionable hints and tips enabling you to keep your organisation safe, boost cyber-resilience, and build customer trust.

At the end of each episode, you’ll better understand how cybersecurity risks could impact your organisation, how to shield your precious information and how to keep your services running smoothly.


I have a question / would like to be a guest

Your host is Michala Liavaag, an experienced cybersecurity leader, mentor and speaker.

She is a cybersecurity consultant, with over 20 years in IT and a decade leading information governance and security programmes in local government, healthcare, charities and the private sector.

The search results will open in a new window.

Virtual CISO (vCISO)

Home

Clarity
Capability
Confidence

Virtual Chief Information Security Officer (vCISO)

AKA CISO-as-a-Service

Is your organisation at the point where you know you need a good Chief Information Security Officer (CISO)?

Perhaps you've been through several rounds of recruitment and failed to find someone with the right mix of skills and experience that you are looking for?

Or worse, you found them and couldn't afford to hire them.

Look no further!  Get trusted security leadership with a dedicated virtual CISO to guide your strategy and operations. Our retained engagement offers tailored expertise when you need it.

Yes, my organisation would benefit from your vCISO service - let's talk!

With salaries currently starting at £100k before on-costs and benefits; respected, experienced CISOs are simply out of reach of lots of private companies, let alone non-profit organisaitons such as government, NHS and charities.

So what are your options? Accept the risk and hope nothing bad happens? Hire someone inexperienced that you hope will grow into the job and if not, it still ticks a box? Is either one going to assure the board and/or shareholders?

There's another way... Cybility's virtual CISO service, aka CISO-as-a-Service.

You can gain regular access to the wealth of knowledge, skills and experience aquired over two decades for a fraction of the cost and without the staff management overheads that come with employing a member of staff. 

With our vCISO service you’ll:

  • Develop a security program that addresses the organisation’s business and compliance needs within the board’s risk appetite;
  • Be able to make risk-informed decisions to keep your organisation safe;
  • Demonstrate to the people you serve (beneficiaries, clients, customers, and so on) that you are a safe organisation to work with; the increase in customer trust likely resulting in an increase in revenue;
  • Gain confidence in your own role with an independent consultant there to back you up or steer you in another direction according to business needs;
  • Save money on your revenue budget when compared to a full-time resource;
  • Benefit from opportunity cost savings and increased wellbeing by reducing the burden and hours spent managing security on top of the day job;
  • Potentially be offered reduced insurance premiums due to having a named vCISO that reports to the executive team and board;
  • Have access to independent recommendations for appropriate security investments that are value for money and provide the required level of protection for the future sustainability of the organisation;
  • Be able to flex the level and type of services as your needs change.

If you just caught a glimpse of light through the tunnel; get in touch for a free exploration call to discuss how we can be the guiding light that leads you out of the dark tunnel and into a more relaxed state, confident in the knowledge that we've taken the time to understand your organisation and care about helping you to protect it.


Basic

1 day per month

Standard

2 days per month

ENHANCED

1 day per week

Yes, my organisation would benefit from your vCISO service - let's talk!

Frequently Asked Questions

Yes, we do offer discounts for charities that are registered in the UK.

To claim this discount the charity must be active and currently registered with one of the following:

  • Charity Commission in England and Wales,
  • Scottish Charity Regulator in Scotland (OSCR);
  • Charity Commission for Northern Ireland (CCNI).

Meet Michala

Home

Clarity
Capability
Confidence

Meet Michala

aka The Cybersecurity Conductor™

Michala is the founder of Cybility Consulting, working as a Chief Information Security Officer (CISO) advisor, virtual CISO, and cybersecurity consultant.  She works to demystify cybersecurity for leaders, enabling them to better protect their organisations.

She has worked with the UK National Cyber Security Centre, is a member of the South East Cyber Resilience Centre's advisory board, and served on the BCS Information Risk Management and Assurance (IRMA) Management Committee.

She has a degree in classical music and has had a varied career, including starting a computer game store, running three airport internet cafes, and working in IT for over twenty years in roles like technical support and project management. Over the past 10+ years, she has led information governance and cybersecurity programmes for complex, medium, and large organisations in the UK. These include local government, healthcare providers in the NHS and charity sectors, and the private sector.


She enjoys sharing her knowledge with others and speaks at events, podcasts, and webinars on a regular basis.

Michala, a black woman in a field dominated by white men, is dedicated to inspiring and mentoring the next generation of diverse cybersecurity professionals. She volunteers as a mentor and STEM ambassador, and she supports initiatives like #CyberFirst and WiCys (women in cybersecurity).​​​​​​​

Many people in the cybersecurity industry, including Michala, have experienced burnout.

She talks about imposter syndrome, taking care of your mental health, and the importance of managers creating psychological safety so that these conversations occur.

As a way to heal, Michala returned to music and writing. The anthology"The Rise of the Cyber Women: Volume 2" includes a chapter in which Michala talks about her journey in cybersecurity, and on the "Quietly Visible" podcast, she talks openly about her life to inspire girls; when you see it, it's easier to become it.

She lives with her husband and two dogs.

CISO Advisor

Home

Clarity
Capability
Confidence

?rel=0&showinfo=0" style="width: 100%;" type="text/html" allow="autoplay; fullscreen" webkitallowfullscreen mozallowfullscreen frameborder="0">

CISO ADVISOR

Many organisations can't afford to hire cybersecurity staff full-time, and those that can struggle to recruit people with proven experience.

We can help you navigate your way through today's cybersecurity challenges enabling you to lead the way for your organisation with whatever happens tomorrow (in cybersecurity something always does)!

CISO Advisor is an advisory by the hour service that provides you with access to Michala Liavaag, an experienced cybersecurity leader.

Michala advises on information security and cybersecurity governance, risk, compliance with legislation and regulatory standards, security awareness and culture change, due diligence with existing or prospective suppliers, policies, processes, incident management, and many other matters. 


Basic

1 Hour

Need to bounce around a few ideas with an experienced cybersecurity professional? 

Sometimes an hour is all you need to grapple with a concept or figure out your next move.

Book my 1 hour session now

Standard

2 Hours

An hour not enough and you would like more cybersecurity advice?

We work the challenge with you; guiding you so that by the end of our session you have clarity over your next actions.

Book my 2 hour session now

Enhanced

4 Hours

Have a more in-depth cybersecurity matter that you would appreciate support with? 

Our enhanced offering enables us to spend some focused time to delve deeper into the topic or challenge you'd like to explore.

Book my 4 hour session now

Frequently Asked Questions

Yes, these are available for an additional fee.


Yes, we offer a 45% discount for this service for charities that are registered in the UK.

This reduces your cybersecurity investment from £175 to just £95 + VAT for one CISO advisor hour.

To claim this discount the charity must be active and currently registered with one of the following:

  • Charity Commission in England and Wales,
  • Scottish Charity Regulator in Scotland (OSCR);
  • Charity Commission for Northern Ireland (CCNI).

No.  This is strictly an advisory service. 

What we can do is signpost you to good industry practice guidance that covers how to configure it. 

We may also refer you to an associate consultant or partner in our network to assist with any hands on configuration work that you need.

No.  

I am not a hacker (in the commonly understood meaning of the word); and even if I were, it would be unethical to do so.


Subscribe to