About

An independent voice in a market full of vendors.

Founded in 2014 by former bank-side risk leaders, Edshah Capital advises boards and CISOs on the controls that actually move the needle.

Our story

Edshah Capital was born inside a London bank's risk function, after its leaders spent a decade watching IT risk programs generate heat maps instead of decisions.

Today we're a 40-person firm across London, New York and Singapore — partnering with 120+ organizations in financial services, healthcare and the public sector to govern the fastest-moving technology shift in a generation.

What we stand for

  • Independence

    We don't resell tools. Our recommendations are conflict-free.

  • Quantification

    If it can't be measured, it can't be governed.

  • Engineering depth

    Senior practitioners who have built the systems they govern.

  • Regulatory fluency

    Former regulators, auditors and CISOs across every engagement.

Leadership

Edward ShaH

Managing Director · Cyber Risk & Quant Algorithm k

Former BISO, Operational Risk at Microsoft & Salesforce. CGEIT, CISM, MTICP.

Andrew Scott

Head of AI Assurance

Ex-DeepMind safety researcher. PhD ML Robustness, ETH Zürich.

Priya Shrutti

Partner · Compliance

20 years at PwC leading SOC 2 / ISO programs across EMEA.

Toyin Ajayi

Principal · Threat

Former NSA red team. OSCE3, CISSP. Two ATT&CK contributions.