STRATEGIC services

Security Strategy

Developing a forward-thinking cybersecurity strategy will help protect and position your organization to defend itself from cyber-attacks and breaches today and in the future. We specialize in developing 'multi-year roadmaps to future security' to get you from where you are today to where you want to be tomorrow.

Security Governance

Developing the right governance structure to manage your cybersecurity program will help provide increased visibility and improved management for prioritization of business risks. Let us help you design the right mechanisms and structures to encourage success.

Security Policy

Developing sound security policy, standards, procedures & guidelines will help you to build effective administrative cybersecurity controls for your staff and partners to follow. If users know what they should and shouldn't do then your battles are at least half won.

AssesSment services

Security Risk Assessment

Undertaking a comprehensive risk assessment to NIST SP800-30 standards should be an annual undertaking. Let us help you with your asset discovery, assessment and risk analysis needs.

Compliance Gap Assessment

Compliance with government or industry requirements is becoming especially difficult to navigate given overlapping rules and regulations which are constantly changing. Let us help you to see the wood through the trees. PCI DSS, HIPAA, GLBA, GDPR, NERC CIP - no problem!

Technical Vulnerability Assessment

Testing the effectiveness of your security defenses is a vital step in understanding threats & vulnerabilities and where you might be exposed. Our expert penetration and vulnerability testers are well accomplished at breaking in to the most secure of sites. Far better for you to find any holes before the hackers do!

design services

Infrastructure Security

Buying new shiny tools sounds great but how do they fit together effectively with your existing technology? Your IT infrastructure needs to work like an well-oiled machine in today's age of hybrid multi-cloud and legacy data center IT. How you integrate it all is not easy.
It's no wonder that you probably need some design help?

Network Security

The network is where is all comes together. Your users, partners, customers, applications, data and infrastructure. It no longer just about securing the outside perimeter. Hybrid multi-cloud, SD WAN, and network micro-segmentation have changed all of that. Add in the growth of IoT devices and you have a very different set of security needs. Designing a secure network has become critical to securing your business.
Our network security SMEs can help.

Application Security

Whether you still "roll your own" applications, purchase them off the shelf, or simply procure applications-as-a-service delivered via the cloud, you need to test and make sure that you are not exposing your crown jewels. That's where we can help with application security experts who can dissect your code, perform static analysis and other tests to help identify weaknesses that need your attention.

INTERIM & VIRTUAL EXECUTIVES

Have you considered an Interim Chief Information Security Officer, Chief Risk & Compliance Officer, or a Chief Information Officer, while you embark upon your search for a permanent hire?  Someone to fill the gap while you find the “right” person longer term.

Are you looking to grow and transform your Security, Risk and Compliance programs quickly?  We can provide you with one or more “heavy-hitters” to do just that. When their work is done and your transformation is complete, they can hire their replacements or train up existing staff members to take over.

Do you really need a CISO, CRO or CCO but are having difficulty obtaining budget for one?  Maybe all you really need is someone part-time on a day or two per week basis. Someone to put in place the higher level strategy, governance and policy aspects of your program, while your existing staff manage the day-to-day operations for security, risk and compliance.

We can help by filling your leadership role with an accomplished and highly qualified professional on an “interim” or “virtual” basis.

Please contact us for details.

SCHEDULE A CALL TO CHAT ABOUT YOUR NEEDS AND HOW WE MAY BE ABLE TO HELP YOU

About us

We are all accomplished security leaders and former corporate executives. We have been there, fought battles and wars, and come out the other side mostly unscathed. Our goal is to help YOU win YOUR battles and to secure YOUR organization – especially today now that the odds are increasingly stacked against you.

We come from Financial Services, Government, Education, Healthcare Life Sciences, High-Tech, Entertainment, Retail, Utilities, Military, and Consumer and Industrial Products.

Most of us have been in the cybersecurity business for more than 25 years. During this time we have managed our own information security programs and helped others to do the same. We think of ourselves as accomplished mentors rather than consultants, advisors or over-priced experts. We love what we do, and our passion is to help others to build, refine or refresh their own security programs with new and effective ideas that we know from experience will work.

we are global

We work for customers around the clock and around the world. No matter where you're based and in what time zone, we are happy to assist you.

As a result of COVID travel restrictions, we are currently supporting our clients virtually.​

CONTACT US