Security Advisor  ·  vCISO

Frances
Ruby

Independent Advisory Practice

Independent security advisory for organizations that take risk seriously.

Chief-level security thinking, available when and how you need it.

Submit an Enquiry →
Why This Matters

Security risk doesn't wait for you to be ready.

Regulatory exposure, client due diligence, vendor risk, and data governance are operational realities — not future problems. For growing organizations, the gap between adequate security posture and dangerous exposure is rarely obvious until it costs something.

Most mid-market organizations don't need a full-time CISO. They need someone who thinks like one — to shape strategy, challenge assumptions, and ensure the business is protected as it grows.

That is what I do.

Advisory Services

Four disciplines. One advisor.

Fractional vCISO

Ongoing security leadership embedded into your business. I act as your senior security voice — advising leadership, shaping strategy, managing risk, and ensuring your security posture keeps pace with growth. Structured as a monthly retainer.

Cybersecurity Consulting

Targeted engagements for specific security challenges — posture assessments, architecture reviews, vendor evaluations, and strategic advisory. Scoped to your business, not a generic framework.

Security Documentation & Technical Writing

Policies, playbooks, and governance documentation built to be used. Incident response procedures, board-level security reports, and operational SOPs written with precision and clarity.

Governance, Risk & Compliance

Gap analysis and readiness support for GDPR, ISO 27001, NCA, HIPAA, and sector-specific requirements — built around your actual operating environment.

Supporting capability: Connected environments and IoT security, including healthcare IoT and smart infrastructure.

How I Work

Direct engagement.
No account managers, no junior delivery.

Every engagement is handled by me. When you brief me, I am the person who listens. When advice is delivered, it comes from me directly.

I work with a small number of clients at a time — by design. The organizations I engage with receive genuine attention, not a service contract. My work spans strategic advisory and hands-on execution, which means I can assess your risk landscape at board level and review your technical architecture the same week.

Engagements are typically structured as retainers or defined-scope projects. I work across the Gulf and Middle East, UK and Europe, and North America.

About

I operate where strategy meets execution — most advisors choose one.

My name is Frances Ruby. I am the Chief Security Officer of WII Group, a multi-sector holding group with subsidiaries across tourism technology, cybersecurity, and healthcare SaaS.

I founded Emperius, WII Group's specialist cybersecurity firm, which delivers security services to regulated industries across three continents. My advisory practice sits alongside that work — independent engagements with founders and operators who need a senior security presence without a full-time hire.

My background spans technical security practice, governance and compliance, executive leadership, and security documentation. That range is deliberate. The most useful security work happens at the intersection of business strategy and operational reality — and that requires someone who is fluent in both.

Chief Security Officer — WII Group Founder — Emperius Cybersecurity · Humber Polytechnic Gulf & Middle East  ·  UK & Europe  ·  North America
Frances Ruby
Get in Touch

Submit an enquiry.

If you have a security requirement or want to understand whether working together makes sense, use the form below. I review all enquiries personally and respond within two business days.

All enquiries are treated as strictly confidential.