• It's All About Managing Risk

    Specifically, your business operates within a world full of risks, some you know about and others may catch you off-guard. Cyber-risk is only one piece of your business' risk/reward calculation. Our job is to provide appropriate, cost-effective, and right-sized options enabling you to effectively manage your cybersecurity within the context of your overall business operation.

    We know system and data security really well.

    Our techniques focus on the Confidentiality-Integrity-Availability (CIA) triad. Each threat impacts your computer systems in one or more of these ways. For example:

    an employee mistakenly clicks a link that gives an attacker access to your network breaching confidentiality


    a system failure corrupts an update to a file and incorrectly modifies information for an order thwarting integrity


    your systems become infected with ransomware impacting availability

  • We Have Experience

    With information security in its many forms, that is

    If you are concerned about threats to your business related to cybersecurity then you already know these threats come in may forms. Insiders, outsiders, web sites, emails, hardware, applications, on-premise systems, and cloud-based platforms all create exposures that can be used to harm your business through disruption of your computer system infrastructure.


    We work with your organization to assess your exposure, identifying what is often called your attack surface. This means we consider all the ways your business might be attacked. We aren't just looking at your computer systems, our planning includes people, processes, and applications. With a clear list of vulnerabilities and potential business impacts, we work with your team to prioritize efforts to mitigate those risks which you determine cannot be accepted in their current state.


    For us the reward of coming to work each day is in being a part of a business' journey from having vague concerns about cyber-risk to one that operates intentionally with regards to cybersecurity management. As we said before, businesses operate with risks, we cannot alleviate all of them, rather we want to know what risks we face and make informed business-driven decisions regarding whether we mitigate, transfer, or accept those risks.

  • Our Services

    We focus on service - not products. There are many cybersecurity-related products and if any seem relevant to your situation we have experience working through selection, installation, setup, and operations depending on the needs of your organization. We do not participate in financial incentive programs with any vendors. We work for you, our interests are focused on your success.

    Assessment and Recommendations

    Our core service is working with your organization to identify cyber-risks and relevant mitigation strategies. Often we find that organizations have tools available which could improve their cybersecurity posture but haven't taken the time to apply focus, making them operational and implementing ongoing processes for their use. Our recommendations are actionable, focused on what you can do now and suggesting where you need to invest over a longer term.

    Training

    We have delivered training for end users, management and development teams. Our background includes secure software development, system security, and operational security. Often what employees lack is an understanding of their role in maintaining an organization's security stance. Our training process moves beyond one-time efforts and provides articles and flyers that you can use to continually remind your team about their key position in keeping your business secure.

    Operations

    For organizations without a full time systems operations staff we offer services such as system backups, network monitoring, and cloud integration. Your business may find it useful to leverage our team to get a robust process in place and then have your team take it from there.

  • Be Part of Our Community

    Tinkering with solutions gives us practical experience beyond the white papers and marketing emails. We have several open source projects that we use to try out different techniques and technologies. Feel free to join in the fun with us.

    Semantic Workbench

    A tool for interacting with triple stores and SPARQL endpoints. Download the source code or install the program and try it out.

    SPARQL Droid

    Have Android, like semantics? Try out our tool for interacting with triple stores and SPARQL endpoints from a mobile device. Yes, you can reason over an ontology (albiet a small one) right on your phone! You can install it from Google Play