Our focus on talent does not blind us to the need for competence. Talent is a predictor of future performance, but you need to survive the present before you can worry about the future.

This is why we marry technical expertise with behavioral science: we understand what your people need to be doing in the present even as we help you secure the future.

Cybersecurity has to be effective in order to matter which is why we use the NIST CSF as our preferred methodology.

We understand that often you have the people that you have. As Donald Rumsfeld once said, you go to war with the army that you have.

But are the assigned responsibilities the best fit for the people you have?

Have things changed over time? For example, were you forced to reward performance with promotion, meaning that your best technical contributors are now mediocre managers?

We can help you sort that out.

Cybersecurity changes so rapidly that it is hard to keep up. Priorities shift leaving policies and procedures rapidly out of date.

Frequent review is a must. To stay on course we recommend periodic objective, external, expert review. "Expert" meaning rigorous (we use the NIST CSF). "External" because it is hard to see the flaws in the system when you are part of the system. "Objective" because you want an opinion that is not influenced by which services you will buy based on that opinion. [Next]