Board-level governance and risk specialist working across regulated and public-interest systems, with particular focus on digital, cyber and AI oversight. Research focuses on why formal assurance processes systematically underperform at scale — and what boards can do differently.
Experience includes senior responsibility for large technology and security functions in regulated environments where formal assurance processes can create a misleading sense of control.
Focus on how boards maintain visibility of emerging risk in complex organisations. Examines how reporting structures, layered controls and compliance frameworks can unintentionally delay action or mask accumulating systemic exposure.
Oversight of cyber security, AI deployment and digital transformation risk in regulated environments. Addresses control limits, operational resilience, and the governance challenges that arise when technology change outpaces institutional decision cycles.
Experience in environments subject to intensive supervision and public scrutiny. Focus on how scale, regulatory pressure and organisational design shape decision timing, accountability and risk appetite at board level. Sectors include NHS and health system governance, policing and public safety, regulated financial services, and central and local government.
A structural research programme examining why governance architectures designed to manage risk systematically reproduce the conditions for failure — even in organisations that are formally compliant, well-resourced, and operating in good faith. The programme traces a causal sequence: compliance metrics that measure the wrong thing, reporting hierarchies that suppress signal, designer assumptions that mistake transparency for accountability, and coordination costs that overwhelm capacity at scale.
Empirical work draws on cross-sectional analysis of 171 NHS trusts and Freedom of Information data across health, policing, fire and local government. A consistent finding is that resource scale does not predict security compliance — the highest-resourced trusts underperform the lowest-resourced on mandatory security assessments (p=0.88). This points to coordination costs that grow faster than defensive capability as organisations scale. A parallel strand applies the same structural logic to infrastructure investment governance under deep uncertainty.
Published in the Financial Times, HSJ, BMJ Leader Blog, Civil Service World, Public Technology, and Policing Insight. Working papers via SSRN.
Boards often invite external challenge when governance systems appear formally sound but underlying risk exposure continues to grow. Situations where this work is particularly relevant include:
Engagement focuses on understanding governance and risk challenges within their specific organisational context, rather than providing generic or transferable recommendations.
Writing covers governance failure in digital and cyber risk, cognitive bias in board-level assurance, AI accountability, and infrastructure investment. Venues include peer-reviewed journals, NHS and public-sector practitioner media, and policy platforms.
Full writing record is available via the external profiles below.
Financial Times
https://www.ft.com/content/edb2bf1d-14ab-49bd-913a-036710cb7398LSE Business Review
https://blogs.lse.ac.uk/businessreview/2026/03/30/when-firms-announce-redundancies-who-pays-for-the-loss-of-meaning/Health Service Journal
https://www.hsj.co.uk/vsevolod-shabad/3009249.bioThe BMJ (Rapid Response)
https://www.google.com/search?q=site%3Awww.bmj.com+%22Vsevolod+ShabadBMJ Leader Blog
https://blogs.bmj.com/bmjleader/?s=Vsevolod+ShabadCivil Service World
https://www.civilserviceworld.com/news/author/vsevolod-shabadPublic Technology
https://www.publictechnology.net/?s=Vsevolod+ShabadPolicing Insight
https://policinginsight.com/author/vshabad/Email: vshabad@vshabad.com
LinkedIn: linkedin.com/in/vshabad
ORCID: orcid.org/0009-0001-9332-6688
University of Liverpool · BT Group · former CIO and CISO roles