We believe that every business unique. Challenges, risks, desired outcomes (and even politics) vary from organization to organization. We’ve learned that clients know their business better than anyone else and that our role is to help design a security strategy that supports both security and line-of-business. We focus on clients that endeavor to build a strategy transforms security from a cost center to a business enabler by delivering on the most forward-looking outcomes in the industry.
End User Practitioners: Physical, InfoSec, Compliance
Manufacturers, Developers and MSSPs
VARs, Consultants, Service Delivery
User VC’s, PE’s, Fund Managers
The physical security industry has evolved slower than its Information Security counterpart. As a result, is still trying to figure out how to incorporate technologies and methods that are commonplace in other industries. While that’s playing out, leading organizations are looking to change their security paradigm from “common practices” to truly “best practices”. We believe that this approach requires moving from silos born from from purpose-built and closed ecosystems to more capable and open platforms which provide extensible and targeted results.
What type of results? Our research indicates that organizations that have really spent the time envisioning what their security SHOULD be doing for them, desire a new paradigm. One that views security events in a “rear-view” where it will always be too late to respond even with the best reporting, to model that is “predictive” which can lead to a more preventative paradigm.
Vendors and their channels are struggling with these changes. It requires a depth of knowledge in areas they aren’t used to – application security methodology, cyber security, machine learning, and predictive modeling, and others. All the while, they’re still trying to figure out how to offer or improve and air-gap latent technology such as IP, mobile and cloud.
We’ve spent that last several years focusing on the intersect of cyber and physical security. Blending practices, principles, controls and validation. You can find us speaking or doing training at hacker conferences, InfoSec conferences, and within the physical security industry. Our perspective is wide but our skills are deep.
We engage on day one with actual subject matter experts – not salespeople. We’re focused on your problem, not the revenue opportunity. How can this be the case? Because our goal isn’t to increase billable hours with clients. Rather, enable them to make better decisions that are sustainable without having to rely on us. We eliminate sales and account management meetings from the process. We skip doing rounds of golf (that try and get you to like us). We’ll first build that relationship on a foundation of value. So we get right to work by listening – and then asking some pretty important questions about how you envision security and what it should be doing for your organization.
We employ a step-wise methodology that we’ve developed, based on our research and implementation inside of some of the world’s largest companies which has gone through a comprehensive hardening process. There are several processes, tools, and insights that come out of this that no other consulting organization provides. We’re confident that we’ll provide insights and answers that you’re not hearing in the mainstream industry – because we don’t think they work.
Organizational: If its strategic, we start from the business side to understand what the desired outcomes are, what the measurement for success may look like (for you) and how this would impact or transform the organization.
Tactical: Some clients already know their problems or have ideas on solutions and just need some targeted assistance. We’ve designed our advisory methodology to be modular so they can be applied broadly or with surgical precision only where its desired.
Whether its to transform the entire security organization or remediate very specific areas, we have you covered. We’re also pretty honest with ourselves about what we’re experts in and the scope of our services so we don’t compete with vendors and integrators but work with them if that’s your preference (to hand-off so they can execute or be part of the extended team).
Scope of Advisory Consulting Services