We offer the following expert services:

Risk assessments

We do a full risk assessment of your business ecosystem to uncover material threats, vulnerabilities, controls in place, and gaps against a predefined desired state. The identified risks are then prioritized, and recommendations made for a trust strategy and a risk management and security program. The assessment is holistic, looking at your risks from the multiple dimensions of:

  • People, process, and technology
  • Internal and external factors
  • Compliance with regulations, standards, and best practices
  • Vertical (network stack) and horizontal (supply chain) networked relationships
  • Data-at-rest and data-in-motion

The risk assessment is designed as a live process - not just a one-off exercise. Because of this, and because of the fast-evolving technology and threat landscape that we're dealing with, we recommend that your assessment be updated at least once a year.


Trust program

This service is a follow-on to the risk assessment - basically, we help you develop and implement the recommendations made in the assessment. Trust programs span your organizational divisions and your partner ecosystem, combining elements of risk management, cybersecurity, fraud mitigation, and regulatory compliance. Programs may include:

  • Recruiting, training, and mentoring of your risk management & security team
  • Development of internal and external partnerships
  • Technology acquisition, deployment, and configuration
  • Policies and operating procedures
  • Testing and validation of deployed security and fraud controls
  • Security upgrades to network and physical, and app
  • Business continuity program
  • Communications programs including key messaging, documentation, training, marketing, and public relations


Strategic business development & marketing

We help you to build (or rebuild) the foundation of your business:

  • Mission and vision statement
  • Market analysis
  • Corporate strategy development
  • Business plan
  • Private placement memorandum (PPM)
  • Ecosystem architecture
  • Strategic partnerships


Product development

We provide product development services (either in advisory or hands-on mode), including:

  • Market analysis
  • Product strategy and tactical plan
  • Technical architecture
  • Market requirements documents (MRD)
  • Product requirements documents (PRD)
  • Product roadmaps
  • Implementation plans

 

Communications program

Communications is a critical, but often neglected, element of your risk management & security program. We work with internally with your executive team, HR, training, marketing, and PR groups to develop consistently articulated and applied:

  • Key messages
  • Internal and external training
  • Customer awareness
  • Marketing communications
  • Media and analyst relations

    •

Standards development

We help you with:

  • Risk management, security, and privacy policies
  • Business and technical specifications for standards submissions
  • Representation on standards groups

 

Other services

  • Interim executives (CSO, CISO, CTO or equivalent)
  • Due diligence for M&A, equity investments, IPO preparation, legal process, etc.
  • Expert witnesses
  • Public speaking, panel moderation, podcasts, webinars, blogs
  • Review and editing: business plans, technical documentation, books