Nebu Varghese is a Senior Director in FTI Consulting’s Cybersecurity practice and is based in London. Mr. Varghese has more than 13 years of multi-functional cybersecurity experience, blending deep technical expertise with strong academic credentials. He has led global teams and complex matters across 28 countries, impacting sectors including Financial Services, Private Equity, TMT, Manufacturing, and Critical National Infrastructure.
Mr. Varghese specialises in executing and managing the delivery of offensive security testing (ethical hacking or penetration testing) engagements for organisations across the globe. He serves on the UK National Cyber Security Centre (NCSC) Security Testing Expert Group, collaborating with industry experts to draft practical and valuable best practice guidance that informs and guides both the NCSC and the wider ICS industry.
At FTI Consulting, he has managed and delivered several ‘insider-threat’ focused attack simulations for large private equity firms and multinational corporations. Most recently, he served as the lead technical expert on behalf of a leading law firm, to complete a hardware technology investigation for one of the world’s largest surveillance hardware manufacturing companies based in the UK.
Mr. Varghese has extensive experience in proactive cybersecurity engagements for high-profile clients, coupled with deep expertise in cybersecurity maturity and benchmarking assessments against leading industry frameworks. Most recently, he provided expert, independent challenge and oversight to the cyber transformation programs for one of the world’s largest banks, collaborating across all three lines of defense to drive effective risk mitigation.
Mr. Varghese has a proven track record of leading over 50 OT/IoT/IIoT cybersecurity reviews worldwide, including APT simulations in the Middle East and threat-led penetration tests for renewable energy infrastructure in Southeast Asia and South America. Most recently, he performed a global OT cyber risk assessment for a major beverage manufacturer, leveraging FTI Consulting’s custom assessment framework, built upon industry-leading NIST and ISA/IEC 62443 frameworks.
Prior to joining FTI Consulting, Mr. Varghese spent the last decade working with two of the Big 4 audit firms, leading on threat-driven offensive security engagements across network infrastructure (IT & OT) environments, cloud infrastructure, wireless infrastructure, physical security, applications (web & mobile), as well as social engineering assessments, malware analysis, and architecture design reviews. In his previous role, he led the NextGen SecOps and Response capability for a Big 4 Audit firm in the UK, overseeing large technical assessments and reviews for major clients in the EMEA region.
You must be logged in to post a comment.