SIGN UP FOR FREE | SIGN IN
Thinkers360
Interested in getting your own thought leader profile? Get Started Today.

Bruce Braes CSyP CRISC CPP PSP CNSP CMIRM MIET FSyI

Head of Security Consulting at Buro Happold

Bath, United Kingdom

Bruce is an internationally recognised Adversarial Risk Management expert. Known as "The RiskAdviza", he champions adversarial risk management approaches to securing and protecting the modern organization from an enterprise level through to frontline operations. Security risk differs from many other forms of risk insofar as security risks are imposed upon us as a result of the potentially harmful actions of people, including criminals, terrorists, hostile foreign states and malicious insiders.

Available For: Advising, Authoring, Consulting, Influencing, Speaking
Travels From: Bath, United Kingdom
Speaking Topics: Security Risk Management, Enterprise Risk Management, Project Risk Management, Organizational & Operational Resilience, GRC

Speaking Fee $2,800 (In-Person), $1,000 (Virtual)

Bruce Braes CSyP CRISC CPP PSP CNSP CMIRM MIET FSyI Points
Academic 5
Author 17
Influencer 52
Speaker 3
Entrepreneur 10
Total 87

Points based upon Thinkers360 patent-pending algorithm.

Thought Leader Profile

Portfolio Mix

Company Information

Company Type: Company
Business Unit: Security Consulting
Theatre: Global
Minimum Project Size: $5,000+
Average Hourly Rate: $300+
Number of Employees: 1,001-5,000
Company Founded Date: 1974

Areas of Expertise

Business Strategy 30.41
Cybersecurity
Health and Safety
IoT
Leadership
National Security
Project Management
Risk Management 31.17
Security 31.21
Supply Chain

Industry Experience

Engineering & Construction
Professional Services
Travel & Transportation

Publications

17 Article/Blogs
Prohibiting Ransom Payments Will Not Deter Cyber Criminals
Linkedin
July 24, 2025
The UK Government's proposed ban on paying cyber ransoms is well intentioned but flawed. It risks penalizing victims, not deterring criminals. Yet, the policy discussion demands more subtlety than outright prohibition or permission.

See publication

Tags: Business Strategy, Risk Management, Security

Rethinking Security Barrier Design: What Simulations Reveal About Vehicle Impact Loads
linkedin
June 04, 2025
In an era where vehicle-ramming attacks pose a growing threat to public safety, the design and assessment of security barriers have never been more critical. Traditionally, physical crash tests have been the gold standard for evaluating barrier performance. However, these tests are costly, limited in scope, and often fail to capture the full range of real-world impact scenarios.

See publication

Tags: Business Strategy, Risk Management, Security

M&S Bungled Crisis Comms Following Cyber Attack
linkedin
April 26, 2025
Retail giant and household name Marks & Spencer (M&S) has not exactly covered itself in glory with its handling of the cyber-attack it was victim to in March 2025. The company failed to get a handle on the story early, with reports of the cyber breach emerging through third parties and social media nearly 24 hours before M&S made an official comment.

See publication

Tags: Business Strategy, Risk Management, Security

Crises Don't Simply Appear: The Anatomy of Organizational Disaster
linkedin
April 21, 2025
Crises don't materialize from thin air. They build quietly, simmering beneath the surface—incubating unnoticed until a tipping point transforms them into full-blown eruptions.

See publication

Tags: Business Strategy, Risk Management, Security

Crisis Governance – Leading Through Complexity, Not Chaos
linkedin
April 17, 2025
Today’s crises don’t unfold in jungles, they spread across networks, managing them isn’t about dancing with lions. It’s more like steering a self-driving car that’s just lost GPS. Leaders must act fast, make sense of shifting information, and keep moving, often without a clear map.

See publication

Tags: Business Strategy, Risk Management, Security

THE COST OF CUTTING
LinkedIn
April 05, 2025
Across the world critical national infrastructure (CNI) underpins the development of modern society. So, what is CNI? The answer is jurisdiction specific with many countries including Australia, Canada, EU, Singapore, United Kingdom and the United States having legislated what infrastructure is essential for the functioning of the nation. In most jurisdictions Energy and Utilities, Finance, Health, Transportation, Food, Manufacturing and in more recent times digital networks are deemed as CNI. Recent disruptive incidents around the world have brought to the fore an alarming pattern behind those events

See publication

Tags: Business Strategy, Risk Management, Security

Vehicle As A Weapon No Longer Just A Counter Terrorism Issue
LinkedIn
January 01, 2025
Understanding and interpreting recent incidents is important for building safer urban environments.

See publication

Tags: Risk Management, Security

Key Benefits of Cyber Informed Engineering for Architects and Developers
LinkedIn
December 21, 2024
Clients are increasingly prioritizing secure and resilient systems. CIE helps deliver solutions that meet or exceed these expectations.

See publication

Tags: Risk Management, Security

Adverserial Risk in the Winds of Change
LinkedIn
November 10, 2024
With the week of the U.S. Presidential election now coming to a close and an apparent clear winner emerging, I thought it was time to highlight the fact that while an election can change the political winds, the fundamental security risks out there are persistent and prevail.

See publication

Tags: Risk Management, Security

Adversarial Risk Management: A Comprehensive Approach to Modern Security Challenges
LinkedIn
October 19, 2024
For years now the arguments around where security sits in organisation design and structures have raged. Enterprise Risk Management types argue that is a subset of their empire, others are for independence, whilst the field of information and communication technology security has morphed into cyber security, which has declared unilateral independence from both corporate security and ERM. Add to that the advent of the ASIS International driven Enterprise Security Risk Management (ESRM) campaign and we face a situation that is as clear as mud.

See publication

Tags: Risk Management, Security

The Imperative of Integrating Cyber Security in Early Building Engineering Design Cyber Informed Engineering #CIE
LinkedIn
October 15, 2024
Today, I want to discuss a critical aspect of modern engineering design that often gets overlooked until it's too late: cyber security. As we advance into an era where digital and physical systems are increasingly intertwined, the importance of integrating cyber security from the very beginning of a facility's design cannot be overstated.

See publication

Tags: Risk Management, Security

Time Flies When You Are Having Fun
LinkedIn
September 02, 2024
Starting amidst the challenges of lockdowns and remote work, our resilience shone through as we continued to deliver exceptional outcomes for our architectural clients, focusing on RIBA stages 2 to 5. Fast forward a few years, and our services have expanded significantly. We now offer expertise in Security Master Planning, Risk & Threat Assessment, Security Design Strategy, Security System Engineering, Cyber & Information Security, Operational Security, Operational Resilience, and Security Governance.

See publication

Tags: Risk Management, Security

How Does Protective Security & ESRM Look in 2022?
LinkedIn
December 30, 2021
As we heads towards 2022 having navigated a challenging 2021, I gain inspiration from Albert Einstein’s quote “In the middle of difficulty lies opportunity", and I am hoping that this will come to fruition this year. Like many, I have been thinking of all the great ideas I have for the new year, as well as the horrors of the year just past.

See publication

Tags: Risk Management, Security

The Nuts and Bolts of Security Risk
LinkedIn
December 30, 2021
A recent humorous tweet got me thinking about security risk (again, I am a bit of a risk geek) and how poorly this significant business influencer is understood by many key decision makers in business today.

See publication

Tags: Risk Management, Security

ESRM – Enterprise Security Risk Management – Joining the Dots
LinkedIn
January 30, 2021
Enterprise Security Risk Management (ESRM) “is a strategic approach to security management that ties an organization’s security practice to its overall strategy using globally established and accepted risk management principles” as defined by ASIS International. ASIS International founded in 1955, is the world's largest community of security professionals, each of whom has a role in the protection of assets including people, property, and information.

See publication

Tags: Risk Management, Business Strategy

Organizational Resilience Definition and Practitioners
LinkedIn
August 25, 2020
I refer to article by Aaron Gracey MA MSc PGCE FinstLM “Organisational Resilience as Understanding and Agility, not Power” and the “The Organizational Resilience Handbook” by Graham Bell F.ISRM and note some developing tension over the understanding and interpretation of Organizational Resilience.

See publication

Tags: Risk Management, Business Strategy

Bad Things Happen To Good Organizations - Can You Deal With A Disruptive Event
LinkedIn
February 14, 2020
Over the last couple of weeks I have been astounded by what I have heard from people, seen watching media of all sorts and engaging with peers (some closer to home than is comfortable), about how ill prepared many organizations have been for the current COVID-19 outbreak.

See publication

Tags: Risk Management, Business Strategy

1 Executive
Buro Happold
Buro Happold
August 03, 2020
We are an international, integrated consultancy of engineers, designers and advisers. For over 45 years, we have built an unrivalled reputation by delivering creative, value-led solutions for the benefit of people, places and planet.

See publication

Tags: Security

1 Journal Publication
Organisational Resilience: Understanding and identifying the essential concepts.
WIT Press
February 13, 2020
Increasing exposure to turmoil has raised business, social and governmental concerns over the ability of organisations to anticipate and respond positively to disruptions. Organisations are spending increased sums of money to raise levels of security, but organisational resilience is vague, multi-disciplined and diverse, requiring a diversity of skills and knowledge that reaches beyond security alone. The resilience domain is still developing and expanding, however, early embodiments of organisational resilience, originating in the United Kingdom and the United States were nothing more than a re-branding of business continuity management strategies, put together as a ‘resilience processes’, or ‘resilience systems’ and more recently ‘resilience management systems’, claiming to emulate benefits that International Standards Organisation 9001 gave the Quality Assurance discipline. The result is an absence of a clearly defined and researched set of essential concepts that make up the theoretical structure of organisational resilience. This research proposes to identify and document those concepts.

See publication

Tags: Risk Management, Business Continuity

1 Miscellaneous
Opportunities abound for the security sector in Saudi Arabia
IFSEC Insider
August 14, 2023
A look at opportunities for security industry in the Saudi Vision 2030 programme of developments

See publication

Tags: Cybersecurity, Risk Management, Security

1 Speaking Engagement
Horizon Scanning - An essential tool for strategic planners of the future
Business Continuity Institute
October 03, 2011
Horizon Scanning is now making an even greater contribution to strategic planning, risk management and policy development across both the commercial and governmental arenas. Research prioritization is also benefiting from the increased level of scanning that is providing innovative outputs to guide not only ongoing but future research activities. Policymakers and strategy practitioners now rely heavily on Horizon Scanning to make informed decisions that anticipate future developments

See publication

Tags: Risk Management, Business Strategy

Thinkers360 Credentials

2 Badges

Radar

Blog

Opportunities

Add to Shortlist View Shortlist »

Contact Bruce Braes CSyP CRISC CPP PSP CNSP CMIRM MIET FSyI

Book Bruce Braes CSyP CRISC CPP PSP CNSP CMIRM MIET FSyI for Speaking

Book a Video Meeting

Media Kit

Share Profile

Contact Info

  Profile

Bruce Braes CSyP CRISC CPP PSP CNSP CMIRM MIET FSyI

Latest Activity

Search
How do I climb the Thinkers360 thought leadership leaderboards?
What enterprise services are offered by Thinkers360?
How can I run a B2B Influencer Marketing campaign on Thinkers360?