About
An independent voice in a market full of vendors.
Founded in 2014 by former bank-side risk leaders, Edshah Capital advises boards and CISOs on the controls that actually move the needle.
Our story
Edshah Capital was born inside a London bank's risk function, after its leaders spent a decade watching IT risk programs generate heat maps instead of decisions.
Today we're a 40-person firm across London, New York and Singapore — partnering with 120+ organizations in financial services, healthcare and the public sector to govern the fastest-moving technology shift in a generation.
What we stand for
Independence
We don't resell tools. Our recommendations are conflict-free.
Quantification
If it can't be measured, it can't be governed.
Engineering depth
Senior practitioners who have built the systems they govern.
Regulatory fluency
Former regulators, auditors and CISOs across every engagement.
Leadership
Edward ShaH
Managing Director · Cyber Risk & Quant Algorithm k
Former BISO, Operational Risk at Microsoft & Salesforce. CGEIT, CISM, MTICP.
Andrew Scott
Head of AI Assurance
Ex-DeepMind safety researcher. PhD ML Robustness, ETH Zürich.
Priya Shrutti
Partner · Compliance
20 years at PwC leading SOC 2 / ISO programs across EMEA.
Toyin Ajayi
Principal · Threat
Former NSA red team. OSCE3, CISSP. Two ATT&CK contributions.
