The Birth of BrightPath Cyber Advisory
Why I Walked Away From Secure Employment to Build Something Different
I didn’t start BrightPath because I wanted to sell cybersecurity. I started it because I wanted to help people understand it. That purpose came from my own experience of seeing how easily cyber conversations can leave people feeling overwhelmed, even when they genuinely want to do the right thing.
If you had told me ten years ago that I would one day work in cybersecurity, I probably wouldn’t have believed you. I came into cybersecurity from the business side, not from a deeply technical role. My career has taken me through hospitality, clubs, real estate, and corporate environments, with experience across management, sales, administration, executive support, and operational roles. That background gave me broad exposure to how organisations operate, how decisions are made, and the challenges businesses face when they are trying to balance risk, compliance, budgets, people, and growth.
Cybersecurity wasn’t something I planned on building a career around. Like many people outside the technology sector, I knew it was important, but I saw it as something that belonged to IT teams and service providers. That perspective changed during my last role, where I became heavily involved in cybersecurity awareness programs, cyber audits, and initiatives designed to strengthen the organisation’s security posture.
I worked closely with our Managed Service Provider, sat in conversations about risk and compliance, and was given the opportunity to learn far more than I ever expected. What started as curiosity quickly became a genuine passion. I began investing my own time researching cybersecurity, attending webinars, reading industry updates, and trying to understand not only the technology, but also the impact it had on businesses.
The more I learned, the more fascinated I became. What stood out to me most wasn’t the technology itself. It was the communication gap.
I sat in many conversations where technical experts knew exactly what they were talking about, but the people receiving the information often walked away confused. Business leaders wanted to do the right thing. They cared about protecting their organisations, staff, customers, and reputations. The challenge wasn’t a lack of interest. It was a lack of understanding.
Cybersecurity had become a language of its own. The more time I spent working between technical teams and business stakeholders, the more I realised I enjoyed being the person who could bridge that gap. I found real value in taking complex concepts and translating them into practical conversations that made sense to non-technical people. Helping someone understand why a risk mattered, or what a recommendation actually meant for their organisation, became the part of cybersecurity I enjoyed most.
As I continued learning and engaging with organisations, I noticed the same challenges appearing again and again. Many businesses believed cybersecurity was completely covered because they had an IT provider. Others assumed cybersecurity was too complicated, too expensive, or only relevant to large organisations. At the same time, I saw businesses being presented with products and services before anyone had taken the time to help them understand their risks.
Too often, the conversation started with technology instead of education. I believed there was a better way.
I wanted to create a business that focused on helping organisations understand cybersecurity rather than fear it. A business that prioritised education, practical guidance, and long-term relationships over jargon, complexity, and sales-led conversations. That is why BrightPath Cyber Advisory was created.
The name reflects exactly what I hope to provide: a brighter path forward for organisations trying to navigate an increasingly complex cyber landscape. I wanted to build a business that helps leaders make informed decisions, strengthens security culture, and gives organisations confidence in the choices they make.
I’m particularly passionate about helping small businesses and not-for-profit organisations. They face many of the same cyber threats as large enterprises but often don’t have access to the same resources, budgets, or specialist expertise. These organisations deserve practical support, honest advice, and someone who can help them understand where to start.
Starting BrightPath was not an easy decision. Walking away from secure employment is always a risk, especially when you have a young family and people depending on you. There were plenty of moments of doubt, and there still are. But I’ve learned that a healthy amount of self-doubt keeps you learning, improving, and focused on delivering the best outcomes possible.
Success for me isn’t about building the biggest cybersecurity company. It’s about making a difference. It’s helping organisations feel more confident, build stronger security cultures, and understand that cybersecurity doesn’t have to be intimidating.
Because cybersecurity isn’t just about technology. It’s about people. And everyone deserves someone willing to help them understand it.