top of page

Where security people get better

Security risk insight without the usual bullshit

Reliable, qualified advice can be hard to find in the security industry.

The good news is that you have found The Real Security Doctor.

I have over 25 years of experience in the sector including working as a consultant, educator and auditor. At the time of writing, I am one of the most qualified security risk practitioners on the planet. (Saying it makes me sound like a tosser but does not make it any less a fact). You can find out more about me here.


Before we go much further, there are few things about me that you need to know...

I'm considered a polarizing figure in the security industry.

Someone even called me 'the Gordon Ramsey of security risk' (whatever that fucking means). ;)

The thing is...

  • I'm knowledgeable about security risk in all areas.

  • I'm committed to helping security people become better informed and succeed (and at ALL levels).

  • I'm dedicated to protecting security people from predatory industry organisations, bad career advice, bad training and horrible employers.

  • I'm focussed on raising standards across the board in all sectors of the industry.

  • I'm highly accomplished, highly experienced and extremely well informed on a wide range of areas to do with the sector. I use this to the benefit of others. Yes, I charge for that help.

  • Even my 'free help' has a price. My help is not 'nice' but it is KIND. Even the gentle snark I may throw your way is in your best interests.

  • I'm ethical, I'm pragmatic and I am utterly uncompromising on anything to do with the list above.

This is generally why people might have a problem with me. I don't tolerate charlatans and bullshitters. These people harm us all.

Naturally, all this makes me a target for the bedwetters and low-thinkers who expect cuddles and applause for just showing up.

I'm just trying to do my bit to redefine security practice and make this industry a brighter and more fulfilling place for the people who work in it.

I'm not here for applause or industry awards.

If anyone has a problem with any of that, you are free to go wherever you like with my good wishes.

You might not like me or what I do. Fine.

If you can get behind what I stand for, we can start a conversation. Keep reading.

Things people love about The Real Security Doctor

There are number of things that I hear repeatedly from my clients and customers.

  • There is 'no fluff' with me or my content. I cut through all the usual bullshit and get to the point.

  • I'm credible, with a rare blend of broad sector experience and the highest levels of education.

  • I have transparent, fair pricing. On my courses, you only pay for the tuition with nothing hidden.

  • I'm industry-focused because I am one of you. I provide real-world examples and practical advice in my coaching, training and consulting services.

  • I'm a disruptive thinker. You don't get the 'same old, same old' that you get everywhere else in the industry. I challenge the status quo because somebody needs to.

  • I have a dark, dry sense of humour and searing levels of sarcasm. Some people like that kind of thing.

  • I commit to quality - I never box-tick ever. You get what you need at a standard I set for myself.

  • I commit to building long-lasting client relationships based on honesty and trust.

  • My courses are available online and in-person using Zoom, so you can train without tacky hotels and bad food.



You want world-class thinking on your security programme. You need advice on security risk governance. You want to align your security function to your organisation and see real value from it. You're sick of the 'Big 4'. Let's talk.



You want the best training in the world without paying the Earth. You are fed up paying 'sucker prices' for some dull bloke to read you an overpriced book that you don't even get to own. You need other, viable options.


Career coaching

Want a career in security but not sure where to start? Perhaps you feel that you might have been 'promoted above your ability' and fear being 'found out'. Maybe you work in security and you've lost your mojo. Perhaps I can help.



Here you can find my online lecture courses on a range of security risk-related topics. No certificates, no exams, no bullshit. Just the information you need in a format that is there when you need it.

What people say...

"I chose to reach out to Dr Diston when I came across a LinkedIn of his post delineating the differences between cybersecurity and information security. I had recently graduated with a masters in cybersecurity and was having a hard time getting call backs from companies. Dr Diston’s 20 min coaching session allowed him to see that I was moving down the wrong career path and offered advice and resources to help me refocus my career search. In 20 minutes he was able to help me more than the university‘s professors and career services had in 6 months. I highly recommend taking the short investment of time to speak to Dr Diston. His knowledge of the cyber and infosec fields give him a unique view that I haven’t found elsewhere. I will certainly be taking advantage of more of his coaching content as I move forward in my search."

"I’ve been following Dr Rich for a long time on social media and have long been impressed with his frank and honest approach to security risk management. Recent LinkedIn posts on the issues with security consulting and problems faced by security consultant resonated with me so I reached out for a coaching session.


Within 2 hours of the conversation, I had implemented a very small change in business which resulted in instant return on investment. I have continued with this change, and it has already brought about success each time I have used it.


Absolutely recommended. In terms of a return on your investment you will not get better. If you are serious about your career and your business, then invest wisely and this is a very wise investment."

"As a regular follower of Richard's posts on LinkedIn, I took the opportunity to speak with him as I appreciate his direct approach towards both career development and the security industry in general. Too often, 'career coaching' is all mouth and limited trousers and Richard deliberately tackles the often controversial subjects in both a charismatic and challenging fashion which quickly delivers a strong ROI for both the recipient and himself.


Whilst the conversation was tackled in a way that I wasn't necessarily expecting (it was a series of questions rather than a conversational approach) it actually went beyond my expectations and made me question my own pre-determined assumptions regarding both my career development and, more importantly, why I want to achieve what I want to.


If you are prepared to be challenged regarding your career path, and post discussion about what you may need to change to get there, then I absolutely recommend Rich. This is not a discussion for someone who wishes to remain in the warm place of self-imposed ignorance. 


I would use Rich's other services or products more than ever after this. If the style and content is anything like the coaching discussion, it would be worth every penny. There is a reason Richard does not provide services for free, other than the fact it is his business, it's too good to be given away for nothing in return."

"I chose to talk to Dr Diston after following his posts and he kindly accepted me as a connection on LinkedIn. His ‘no-nonsense’ approach is a breath of fresh-air within the industry. He is an unconventional thinker. Experience meets education, he knows what he is talking about. He has a level of education that one day, I also aspire to.


I found my conversation with Richard to be very helpful indeed. Two words stood out, and those two words hit home, and hit home hard. I appreciated Richard’s approach. This conversation certainly gave me a lot to think about. Not only looking at myself from a professional perspective, but also a personal one, and for that I am grateful.


If you are looking for someone to aid you in your career, then Richard is most definitely somebody who can do that! I would recommend him and his services to others."

bottom of page