We are a boutique Cyber Security and IT Program Management focused
consulting firm with offices in Portland, OR., Austin TX. and San Diego, CA. Working with clients in numerous business
vertical markets.
We partner with clients to provide the following value:
We are your Cyber Security, Risk and Compliance "Second Opinion".
- Turn around information technology organizations that have become adversarial to the business by, business re-alignment, leadership training, mentoring and facilitation to:
- Re-focusing the IT organization on business priorities
- Re-focusing the IT organization on the four types of “work:
- Business initiated IT project work
- IT initiated project work
- “Keep the Lights On” [KLO] activities
- Un-planned work
- Breaking the cycle of over promising and under delivering
- Evangelizing to the CEO and his/her direct reports the value proposition of the “IT Program Management Office” [PMO] concept based on the work of Mr. Satish P. Subramanian
- Assist with planning, hiring, training and ongoing support for the CEO’s direct reports via the IT PMO, focused on creating a lean, responsive, nimble IT organization with a 100% customer service satisfaction rating for internal and external business customers.
- Analyze and recommend long term strategies for Cyber/Information Security & Compliance program automation plus integration with a focus on:
- Global Corporation “requirements traceability” analysis and planning to manage US and International compliance framework requirements.
- Mapping regulatory, legislative, and contractual obligations to Policies, Processes and Procedures to remake these into a vibrant cost saving and risk mitigation strategies.
- Create an “audit artifact” validation program that integrates business, IT, Information Security and Compliance organizations to maximize effectiveness, maximize automation, minimize costs, and mage risks.
- Data Loss Prevention / Data Leakage Prevention
- Guide CEO’s, Boards of Directors, senior IT / Legal / Compliance and HR executive teams to gain a better understanding of Intellectual Property and Trade Secret protection risks and mitigations of those risks.
- Facilitate and plan for long term success and minimizing employee “blowback”.
- Risk Mitigation via “best practices” analysis:
- Quantifying risks to key business processes, monitoring and managing those risks
- Risk analysis and mitigation strategies
- Risk planning strategies for BYOD systems within the corporate perimeter
- Software Licensing compliance strategy, planning and negotiations
- API, Web Services and Micro Service security risk analysis and management
- DEV / SEC / OPS - effective security controls analysis and implementation
- Using cloud and your existing SDLC methodologies as well as time proven capabilities to:
- Minimize your software development, QA and Pipeline program risks
- Working with software and QA team leads to reduce risk and duplication of efforts
- Implementation of technology "service catalogs" for development teams so they are focused on business requirements and not "security stuff".