What the work looks like
at the level we operate.

A routine invoice from a known art dealer landed in the family office’s inbox. Everything matched the recent acquisition: amount, timing, tone, even the small idiosyncrasies of past correspondence.

The wire instructions, however, had been changed — subtly. The new account routed through a jurisdiction the dealer had never used. The accounts payable lead nearly authorized the wire on familiarity alone, then paused on the routing change and called the dealer directly.

The dealer’s account had been compromised weeks earlier. A near-identical attempt had already succeeded against another of his clients. We coordinated remediation with the dealer, briefed the family’s counsel, and deployed out-of-band verification protocols for any wire above a defined threshold — including a codeword framework for time-sensitive transactions.

No funds were lost. The protocols have prevented two further attempts in the eighteen months since.

A founder approaching a public listing realized, in the diligence cycle, that the visibility of the upcoming filing would reset their digital exposure profile in ways their counsel had not yet considered.

A public filing would surface board affiliations, residence locations, family identifiers, and historical compensation — aggregating into a comprehensive adversary targeting profile. The founder’s wealth advisor reached out, recognizing that posture needed to be in place before the filing, not after.

We had nine weeks. Discovery covered the founder, immediate family, household staff, and three residences. We executed remediation across the major data brokers, hardened the personal device fleet, deployed verification protocols for the household, and established baseline threat intelligence on the founder’s identifiers and the company’s sector.

Two weeks after the filing, a credential dump containing matched identifiers surfaced. The intelligence collection caught it within hours; the architecture absorbed it without incident. The founder transitioned to ongoing retained relationship.

The risk committee of a mid-cap financial services company had begun receiving cybersecurity briefings from internal leadership that satisfied none of them.

The reports were technically accurate but strategically opaque. Directors could not tell whether the program was world-class or under-invested. They could not tell whether the CISO was being honest or filtering. What they wanted, and could not articulate, was an independent voice in the room.

The board chair engaged Gatehaus in a Board Advisor capacity: attend the quarterly risk committee, prepare independent pre-meeting briefs on every cybersecurity matter, and represent the questions directors did not yet know to ask. We worked openly with the internal CISO from day one. Over the first year we facilitated three substantive program shifts the board had been unable to drive directly.

The CISO has since described the engagement publicly as the most productive board relationship in their tenure. The committee renewed in year two with expanded scope.

In a complex commercial matter, opposing counsel had taken a position grounded in a forensic analysis the engaging firm could not, on first reading, evaluate. The expert deposition was three weeks out.

The matter was not principally technical — a contract dispute — but a single forensic finding, if accepted, would shift the case substantially. The firm had no in-house technologist and was reluctant to retain a testifying expert this early; once retained, the expert would be discoverable, and counsel wanted freedom to evaluate the question first.

We engaged under privilege through the firm. Non-testifying, structured to remain so. We evaluated the opposing expert’s methodology, identified two unstated assumptions the analysis depended on, surfaced a third-party data source that contradicted the timeline reconstruction, and prepared a cross-examination memorandum. The engagement closed at the deposition.

The forensic finding was substantially undermined on cross. The matter resolved at a settlement materially better than the firm’s pre-deposition assessment.