Layer 0 Security

Defence-in-Depth is the concept that no layer of security is perfect against attackers but security can be achieved by layering many controls together. Security starts with Layer 0.

—– Damage related to cybercrime is projected to hit $6 trillion annually by 2021 —– The total cost of cybercrime for each company was $13.0 million in 2018 —– 25% of breaches were motivated by espionage —– It’s predicted that by 2021, 100% of large companies globally will have a CISO position. —– Data breaches exposed 4.1 billion records in the first half of 2019. —– Global scalability of cybercrime is becoming easier for attackers, as criminals find new business models. —– 68% of business leaders feel their cybersecurity risks are increasing. —– Hiring of security professionals increased from 25 in 2015 to 40 in 2017 per organization. —– Only 5% of companies’ folders are properly protected, on average.

Audit Foundry

Quis custodiet ipsos custodes? (Who watches the watchers?)

Satires of Juvenal

Assisted GRC

I get by with a little help from my friends.

The Beatles

Security Testing

If you know the enemy and yourself, you need not fear a hundred battles.

Sun Tzu

Compliance Solved

We designed our software from the ground up to identify risks, design controls, assign owners, assess compliance, empower internal audit, and to provide direct evidence to external auditors. Certify against any compliance framework such as SOC2, ISO27001, or CMMC.

vCISO Program

We help you build a program that assures you will achieve, and more importantly, maintain compliance. We help you design controls to prove compliance with common security frameworks. We leverage our Audit Foundry to collect evidence, manage risks, and conduct internal audits to provide assurance to external auditors, customers, and other stakeholders.

Technical Services

We document your network infrastructure, map data flows, identify potential risks, and recommend improvements. We scan your systems regularly and simulate a real-world attack against your network at least annually. We can even prepare your entire team for incident response with our live, virtual adversary simulation service.