Welcome Who we are What we do Meet the Shogun Contact Credits


If you’ve made it this far you’re probably looking at that cover image and thinking “Wow, this sure doesn’t look like your typical cybersecurity company.”
If so, then that’s good. We aren’t.

Acknowledgement of Country

Shogun Cybersecurity is based in Naarm (Melbourne). We acknowlegde the Wurundjeri and Bunurong People as the traditional owners of this land, and recognise their unbroken, ongoing connection to it. We pay our respects to their elders past, present, and emerging.

Who we are

Shogun Cybersecurity was born out of a desire to do things differently. Despite the relative youth and rapidly evolving nature of cybersecurity, it has become a practice held captive to vested interests, rigid frameworks, and entrenched ways of thinking. In many organisations, “doing things the right way” has become more important than being innovative, being efficient, being effective. There’s no room for out of the box thinking or creative problem solving because fear and risk aversion has stifled any appetite for change. Outcomes are now less important than following the process, and cybersecurity has become little more than a series of check lists and flowcharts.

We want to change that. Your business needs cybersecurity measures that work, not that look good on paper. That is what we strive to deliver. We aren’t interested in providing low margin cookie cutter services that deliver no actual value. We’re not interested in playing cybersecurity theatre for the sake of appeasing the board or regulators. If you just want to tick a few boxes for the sake of compliance, you should hit the ‘Back’ button right now, because that’s not what we’re about.

On the other hand, if you’re here looking to shake things up, if you’re willing to back ingenuity over rigid adherence to frameworks, if you want to build a real security program instead of one that just looks good on paper, then we would love to work with you.

At Shogun Cybersecurity, our priority is good outcomes for our clients. We’re focused on making cybersecurity accessible, regardless of organisational size or maturity. We deliver real solutions that provide real security, rather than fall back on “best practices” and inflexible frameworks.

We solve problems.

What we do

Cybersecurity is a complex problem space, there are as many different aspects to it as there are to business itself. At Shogun Cybersecurity, we play to our strengths as a small and responsive independent consultancy. We are proud to be strong generalists, but our services are targeted at solving the sorts of problems that enable us to make the biggest difference to our clients.

Independent advice for executives and boards

As a business leader, having access to the best advice is critical to effective decision making. Whether you are the CEO of a small 10-person firm, or on the board of a 1000-head enterprise, you need cybersecurity advice that is objective and impartial. At Shogun Cybersecurity, we provide expert advice that you can trust, because our expertise is world class, and our only agenda is your success.

We love MSPs

Being an IT Managed Services Provider in this cyber-obsessed world is a tough gig. Your customers expect that security is just part of the service, not something they should have to pay extra for. You want to deliver cost effective security-as-a-service offerings that fit within a low margin, MRR-based business model, but where do you even start if you don’t have the right expertise internally? Look no futher, we love partnering with MSPs to help them build internal capability and meet their customer’s expectations. As a pure-play consulting and professinal services provider, you can rest assured we have no interest in cannibalising your managed services customers.

Cybersecurity assessments

Risk assessments, maturity assessments, control assessments, third party assessments, technology assessments. Yep, cybersecurity is full of all sorts of assessments, requiring all sorts of skills. Having broad experience and expertise across the different facets of cybersecurity is critical to being able to consider and evaluate all the relevant factors and interdependencies. If you’re worried about the complexities involved in cybersecurity assessments, don’t be, we’ve got you covered. We’re also not afraid to be honest - you need the the real picture if you’re going to make the best decisions for your business. At Shogun Cybersecurity, we don’t sugar coat the truth. If your cybersecurity sucks, we’ll absolutely tell you, but we’ll also tell you what you need to do to fix that.

Cybersecurity uplift programs

For small and medium businesses, the idea of having an internal cybersecurity capability probably seems absurd, but the truth is you don’t need a cybersecurity expert on the payroll to get started. Chances are, your organisation already has a lot of the necessary skills and tools at its disposal, the only thing missing is the right training, processes, and context to put them to work effectively. We can design and help you implement a cybersecurity uplift program that leverages the capabilities you already have so that your business is in the best possible position to protect itself.

Got other problems? We can help!

We said at the beginning that we’re proud generalists. If you’ve got some other cyber-related problems to solve, get in touch with us to discuss your requirements. Whether it’s building and deploying cybersecurity solutions, incident response and planning, developing policies, or anything in between - if you are serious about cybersecurity then we are serious about helping you.

Meet the Shogun


I’m Corch. I solve problems.

I won’t bore you with a monologue about how many years I’ve worked in security, how many different industry verticals I have experience in, or how many expensive industry certifications I (don’t) have. The reality is that those sorts of statistics don’t matter. The only question that actually matters to you is “can I help you?”. If you’ve got cybersecurity related problems that need solving, the answer is “most likely”. If there is one thing I’m know for, it’s solving problems. Difficult problems. Problems other people can’t solve.

I’m a strong supporter of diversity and inclusivness within the cybersecurity community. I stand against gatekeeping in all forms, whether it be overt discrimination, or more subtle forms like the obsession with expensive certifications employers seem to have.

I am a proud member of AISA and an AWSN mentor.

I speak regularly at cybersecurity events in Melbourne and around Australia, including the Australian Cyber Conference, and BSides Melbourne. Feel free to get in touch if you would like to discuss a speaking opportunity.