What We Do
SecuriThink information security strategies go beyond tools and technology to address what is widely regarded as the biggest untapped source of power: the mindset of your people and the culture of your organization.
When your people are engaged and empowered, your culture becomes a force multiplier for security. We call this your Cultural Armour™. Once it’s in place, you’ll wonder why you waited.
Problems We Solve
- Higher returns on data classification — accelerate employee adoption, increase utilization and raise accuracy
- Improve data governance – active and proactive data ownership
- Better phishing protection with more successful employee behavior change
- Make InfoSec initiatives easier and less risky — reduce pushback and organizational noise
- Pragmatic right-sizing of InfoSec initiatives -match to stakeholder appetite
- Engage employees top down and bottom up in InfoSec initiatives
- Closing the gap on higher levels of InfoSec maturity
- Build and maintain Cultural Armour™ — a more deeply embedded InfoSec stance
- Increase capacity to manage out — across the enterprise and the supply chain
- Increase capacity to manage up — to the C-suite and the board of directors
- Support the changing role of the Chief Information Security Officer (CISO)
- Partner InfoSec with the Compliance Officer (CCO) and Privacy Officer (CPO)
- Demonstrate InfoSec and IT is a business partner, not just a cost center
- Improve InfoSec audits — include InfoSec in Business As Usual (BAU)
- Quick start InfoSec projects
- Conduct assessments and design strategies with high rates of implementation success
Your SecuriThink situation assessment and strategy will determine which deliverables best fit your situation. To avoid over-engineering and enhance flexibility, a core principle of SecuriThink methodology is to do the minimum needed to succeed and always be prepared to course correct.
Examples of deliverables may include:
- Business Case for Change
- Impact Analysis of the Future State
- Phase Plan
- Risks Management Plan(s)
- Communication Plan(s)
- Engagement Plan(s)
- Multi-media Plan(s)
- Sponsorship Roadmap(s)
- Coaching Plan(s)
- Resistance Management Plan(s)
- Training Plan(s)
- Special Tactics Design(s)
- Corrective Action Plan(s)
- Change Team Development Plan(s)
- Reinforcement Plan(s)
- Assessment Report(s)
- Strategy Design(s)
- SecuriThink for the Board Directors and CEO
- SecuriThink for the Changing Role of the CISO
- SecuriThink for Data Classification
- SecuriThink for Laptop Protection (combines several modules below)
- SecuriThink for Hard Disk Encryption
- SecuriThink for Removable Media Encryption
- SecuriThink for Phishing Protection
- SecuriThink for Multi-Factor Authentication (MFA)
- SecuriThink for Software Patching
- SecuriThink for Administrative Rights Management
- SecuriThink for International Travelers
- Cultural Armour™ Maintenance
- SecuriThink Assessment & Strategy Toolkit
Culture eats strategy for breakfast.Peter Drucker
You can’t train desire. You can’t email skill.Prosci
While various InfoSec maturity scales do not map directly to the 5 levels of results in SecuriThink methodology, there is a lot of common ground at the highest levels of both.
Our clients engage us to get from one place to another so we might think of an example as “We’re in Chicago and we want you to help us get to San Francisco.” What we’ve learned is that someone who says they’re in Chicago might actually be in St. Louis or maybe even Miami.
SEA is a subset of a SecuriThink engagement strategy. We work in cooperation with existing efforts and leverage them to the fullest extent possible.
SecuriThink senior practitioners are to business transformation specialists as engineers are to physicists. The distinction is one of theory versus applied theory.
Starting with our founder’s degree in computer engineering, technology is at the core of what we do. We work well with Subject Matter Experts (SME) and we have some on our team but most of us don’t consider ourselves technology SMEs.
Our information security specialty gives SecuriThink a tighter focus than most business transformation efforts. We aim to shift your culture, not turn it inside out. We stay in our lane.