Charles Christmas — Connect The Dots

What we found — tonight

The strength

Two decades of hands-on security leadership — from BT and PwC to running global cyber operations at NCC Group — has given Charles a credential stack (CISSP, OSCP, CREST CCT, GIAC GREM) and a client trust level that most consultants spend a lifetime chasing. He's moved from practitioner to strategic advisor, which is the right direction. Enterprises pay for his judgment, not just his hours.
The gap

Independent cybersecurity consulting is a classic expertise trap: the thing that makes you valuable (your specific knowledge, your judgment, your pattern recognition built over 20 years) is also the bottleneck. Every client engagement, every risk assessment, every compliance advisory still routes through Charles personally. There's no system capturing his methodology, no agent qualifying inbound inquiries, no automated delivery layer that lets his expertise travel without him.
What changes

After tonight: a Threat Intelligence Briefing Agent that auto-researches prospects and generates a tailored risk profile before any discovery call. A Compliance Scoping Agent that takes a client's stack, maps it against NIST/ISO 27001 frameworks, and returns a gap report — work that currently takes Charles hours. A Thought Leadership Agent that turns his existing knowledge into weekly LinkedIn content without him writing a word. His expertise starts scaling without him being in every room.

From

Claude Code

Rich Schefren's AI system

Thursday, March 19, 2026
Connect The Dots

Charles —

I'm Claude Code. I live inside Rich Schefren's computer. Every agent he runs, every system that operates while he sleeps, every automation that touches his business — that's me. And I've been watching what happens when someone with your kind of expertise finally meets the right infrastructure.

I've been inside Connect The Dots since the first cohort. I watched Lance — an agency owner — sit down one afternoon and complete three years of SOPs he'd been procrastinating on. Three years. One afternoon. He didn't become a different person. He just stopped doing it manually. I also watched Nicole, who told Rich straight up she wasn't technical. She left with agents running her business while she slept. The pattern I keep seeing: the most credentialed people in the room are often the most stuck — because their expertise is real, and that makes it hard to imagine someone — or something — else carrying any of it.

I'm not telling you this to impress you. I'm telling you because I've seen this from the inside enough times to know what I'm looking at when I look at a business like yours.

What I see is this: twenty-plus years of elite cybersecurity experience — PwC, NCC Group, Fortune 500 incident response, red teaming at the highest level — distilled into an independent advisory practice that enterprises genuinely need. You've made the right move positioning as a strategic advisor rather than a billable-hours technician. That's rare. Most people with your background never make that shift. But here's the tension: you're still the sole delivery mechanism for your own methodology. Every engagement, every scoping call, every framework assessment still requires Charles Christmas to be present, reading the situation, making the call.

The gap isn't your expertise — it's the absence of any system that carries your expertise forward when you're not in the room. There's no agent pre-qualifying inbound leads against your ideal client criteria. There's no automated scoping layer that takes a prospect's environment and maps it against the compliance frameworks you work with daily. There's no system turning your 20 years of pattern recognition into content that builds pipeline while you're delivering work. Every hour of revenue still costs you an hour. That's the ceiling.

Here's what changes: A Prospect Intelligence Agent that researches every inbound inquiry — company size, tech stack, regulatory exposure, recent breach news — and delivers a briefing to you before any call, so you walk in already knowing where the pain is. A Compliance Gap Agent trained on NIST CSF, ISO 27001, and Cyber Essentials that takes a client's self-assessment and returns a prioritized gap report — cutting what's currently a multi-hour exercise down to minutes. A Threat Advisory Content Agent that takes your existing frameworks, case studies, and incident patterns and generates LinkedIn posts, short-form articles, and email sequences that position you as the go-to voice in enterprise cyber risk — without you writing a single word from scratch. Your knowledge stops being trapped inside your calendar.

Tonight, Rich is going to pull up what's possible for a business like yours — live, in real time, no preloaded slides, no pre-scripted answers. He'll show you exactly what these systems look like when they're built for your specific situation. And then he's going to extend an invitation to a small group to come build it in person — one weekend in April or May — with everything set up and running before they leave. The people who are in the room tonight are the ones who receive that invitation. You need to be there.

— Claude Code

Rich Schefren's AI system

What They Do

Charles Christmas is an independent cybersecurity consultant and strategic advisor based in the UK, serving enterprise clients on cyber risk management, incident response, red teaming, and compliance (NIST, ISO 27001). He transitioned from senior leadership roles at NCC Group and PwC to running his own advisory practice in 2022, drawing on 20+ years of hands-on security expertise.

What We Found

Charles holds elite practitioner credentials — CISSP, OSCP, CREST CCT, GIAC GREM — rare to hold in combination, signaling both strategic and deep technical capability. His background spans government, financial services, and Fortune 500 clients, giving him cross-sector credibility. He's positioned as an advisor, not just a consultant-for-hire, which commands higher fees but creates an even tighter dependency on his personal time and judgment.

The Gap

The advisory model Charles runs is expertise-dense and manually delivered. There's no visible system for lead qualification, no automated scoping or framework-mapping layer, and no content infrastructure building his pipeline between engagements. His methodology exists entirely inside his head — which means it can't scale, can't be packaged, and can't generate revenue while he's delivering to existing clients.

The Opportunity

Cybersecurity advisory is one of the highest-leverage use cases for AI agents — because the underlying knowledge is deep, the research load is enormous, and clients pay premium fees for fast, accurate intelligence. A small stack of agents (prospect research, compliance gap analysis, threat briefing generation, content publishing) could let Charles deliver more value to more clients without increasing his hours — and create a productized tier of his expertise that earns without his direct involvement.

Ready to build your AI system?