Neil Harper — Independent Cyber Advisor
Independent Cyber Advisor · South Africa

Neil Harper

JS2 Compliance Advisor · CyberMax Advisory

I help South African financial service providers navigate JS2 of 2024 — translating complex FSCA cybersecurity requirements into practical, proportionate governance your board can own and your regulator can inspect. I work directly with you, not through a team of junior consultants.

✉ info@cyber-max.co.za
Credentials BComm (Accounting) · PG Diploma in Financial Planning · CISA Examination (ISACA) · ICF PCC Executive Coach
My Background

30 years bridging
IT and financial services

🏦
30 years in senior IT leadership across financial services — including IT Security at Standard Bank, one of South Africa's largest financial institutions.
🤝
5 years in business development and customer engagement at HCL Technologies — working back into financial services at executive level.
🔒
Formal grounding in information systems audit and controls through the ISACA CISA examination — covering audit methodology, risk frameworks, and security controls assessment.
🎯
ICF PCC Executive Coach (credentialled) — I bring a rare ability to bridge technical cybersecurity conversations with senior leadership, making complex risks clear and actionable at board level.
My Approach

Governance-first,
board-ready

I speak both languages
My background spans IT security leadership and C-suite executive coaching. I translate regulatory requirements into decisions your board can make — and documentation your regulator can inspect.
Proportionality is central
JS2 is not a one-size-fits-all standard. I work with your organisation's actual size, risk profile, and resources to build a compliance position that is defensible and sustainable — not overcomplicated.
Regulator-ready from day one
Every document I produce — strategies, policies, board packs, contract schedules — is written to withstand regulatory scrutiny. You are never handed a template and left to adapt it yourself.
You work with me directly
As a sole consultant, there are no handoffs to junior staff. The person you brief is the person who does the work — and who is accountable to you throughout the engagement.
Why a Sole Consultant

What you get that a large
firm cannot offer

01
Direct senior expertise
Every hour you pay for is senior advisory time — not a graduate filling a timesheet. There is no account manager between you and the person with 30 years of experience.
02
Commercial efficiency
No large firm overhead, no partners billing for oversight. You receive focused, proportionate engagement priced fairly for the size of organisation JS2 is most challenging for.
03
Independence
No vendor relationships, no technology partnerships, no upsell agenda. My only interest is your compliance — and the credibility of the work I put my name to.
Get in Touch

Start with a
no-obligation conversation

Whether you are trying to understand your JS2 obligations, need a readiness assessment, or are looking for ongoing compliance advisory — reach out and I will be glad to discuss where you are and what would help most.

Current Availability
Accepting new JS2 engagements for South African FSPs. Initial discovery calls available within the week.
Email
info@cyber-max.co.za
📍
Region Served
South Africa · FSCA-licensed FSPs
🛡️
Specialisation
JS2 of 2024 · Cybersecurity Governance
📋
Staff Training
Launch the JS2 Awareness Training Platform →