About us

The People Behind FaultLine Cyber & Security
FaultLine Cyber & Security Ltd is led by Cris Martlew and Paddy Hearty.

Our mission & vision
Cris Martlew
Cris brings commercial leadership, operational delivery, physical security, governance and risk translation experience. Her focus is helping organisations understand security and resilience in a way that connects to real business decisions.
Paddy Hearty
Paddy brings SaaS, technology, managed service and commercial relationship experience. His focus is helping organisations understand how digital systems, suppliers, service providers and operational dependency can create exposure if trust is granted without enough visibility.
Together, Cris and Paddy bring a practical, business-facing view of cyber and security risk.
FaultLine-CS does not try to be the technical expert in every specialist area. Where specialist testing, certification or technical assurance is required, we work with appropriate accredited specialists. Our role is to make sure the work connects back to the business risk, the decision being made and the evidence leadership needs.
Most Businesses Don’t See their Real Exposure.
FaultLine Cyber & Security Ltd was created to help organisations see the gaps that often sit between cyber security, physical access, supplier dependency, governance and operational resilience.
Most businesses do not experience risk in neat categories. Real incidents move through people, suppliers, systems, access routes, assumptions and decisions. The problem is not always that one control is missing. The problem is often that no one can see how the pieces connect.
FaultLine-CS exists to make that exposure visible before an incident, audit, customer request, insurance renewal or supplier failure forces the issue.
Why We Exist
Many organisations still treat cyber security, supplier risk, physical security, compliance and resilience as separate conversations.
That creates blind spots.
- A supplier may already have access.
- A system may already be relied upon.
- A contractor may already be trusted on site.
- A customer may already be asking for evidence.
- An insurer may already be looking for clearer controls.
- AI tools may already be influencing business output.
FaultLine-CS helps leadership teams understand where those assumptions create exposure and what practical action should come first.
We do not make risk sound more complicated than it needs to be. We make it clearer, more connected and easier to act on.
What Makes FaultLine-CS Different
FaultLine-CS is not built around generic cyber fear.
We look at how exposure moves through a real business: through trust, access, suppliers, systems, physical environments, governance gaps and operational pressure.
Our work is designed for directors, founders, boards and operational leaders who need clear decisions, not technical noise.
We help answer practical questions:
- What are we trusting?
- Who has access?
- Where are we exposed?
- What evidence do we have?
- What should be fixed first?
- What decision needs to be made before we commit further?
FaultLine Cyber & Security Ltd is led by Cris Martlew and Paddy Hearty.
Cris brings commercial leadership, operational delivery, physical security, governance and risk translation experience. Her focus is helping organisations understand security and resilience in a way that connects to real business decisions.
Paddy brings SaaS, technology, managed service and commercial relationship experience. His focus is helping organisations understand how digital systems, suppliers, service providers and operational dependency can create exposure if trust is granted without enough visibility.
Together, Cris and Paddy bring a practical, business-facing view of cyber and security risk.
FaultLine-CS does not try to be the technical expert in every specialist area. Where specialist testing, certification or technical assurance is required, we work with appropriate accredited specialists. Our role is to make sure the work connects back to the business risk, the decision being made and the evidence leadership needs.
How We Work
FaultLine starts with the business reality, not the framework.
We look at what the organisation is trying to protect, where trust has already been granted, which suppliers or systems matter most, what evidence exists, and where leadership needs clearer visibility.
Our work may support areas such as supplier and third-party risk, Cyber Essentials Plus readiness, ISO/IEC 27001 alignment, operational resilience, cyber governance, AI adoption decisions and cyber insurance readiness.
But the starting point is always the same:
- Understand the exposure.
- Clarify the decision.
- Prioritise the next practical step.
Start With A Conversation
If you are not sure where your real exposure sits, that is usually the right place to start.
Book a discovery call and we will help you identify whether FaultLine-CS is the right fit and what the most practical next step should be.
