We started North Country Advisory because we kept seeing the same pattern.
New technology shows up in everyday work long before most organizations have practical guardrails around it.
Right now, that pattern is playing out with public AI tools.
In many firms, the most immediate risk is not a formal AI program or a complex technical architecture. It is ordinary employees and contractors using public AI tools in browsers, personal accounts, unmanaged devices, and day-to-day workflows that were never designed with AI in mind.
founder background
Enterprise security in highly regulated environments.
Elizabeth Rowe's background includes 15 years in enterprise-scale security, governance, and workforce-risk work in highly regulated environments, with much of that experience sitting at the intersection of user behavior, endpoint and browser exposure, policy, and practical control design.
That matters because unmanaged workforce AI use is rarely just a technology issue. It is usually a mix of employee behavior, browser-based access, personal accounts used for work, BYOD and personal-phone exposure, incomplete visibility, and uncertainty about what should be allowed, restricted, or prohibited.
Why we started
North Country Advisory focuses on that narrower problem.
We started this business because we believe smaller firms need practical, experienced judgment without unnecessary complexity.
We work with small regulated and oversight-sensitive firms that need practical guidance on unmanaged employee use of public AI tools. Our role is to help clients understand the exposure, clarify the blind spots, define workable guardrails, and move toward proportionate next steps.
Where implementation support makes sense, we can help prepare the right handoff to internal teams or external partners.
How we work
Focused and practical.
Our approach is built around what actually moves smaller regulated firms forward — not broad frameworks or aspirational programs.
- Understand the real workforce exposure
- Be honest about what can and cannot be seen
- Define practical guardrails for ordinary users
- Help clients choose proportionate next steps
- Keep the work narrow enough to be useful
We do not believe every organization needs a complex AI program to get started. In many cases, the first step is simply getting clear about what is already happening in ordinary workflows and where the real blind spots are.