Cybersecurity Benchmarking for Critical Infrastructure Sectors

3 Challenges to Industry Benchmarking It was an honor to be invited by the Capital Factory to meet with CISA’s Infrastructure Security team and address how to scale cybersecurity programs. I enjoyed giving a brief presentation on’s mission and how we are serving the critical infrastructure community. One of the questions I received was […]

Maritime Cybersecurity Risk Assessment Tool


Battling 21st Century Threats on the High Seas While historically pirates have been considered the primary threat to maritime security, increasingly ships and shipping have become vulnerable to cybersecurity threats. In particular, a number of the systems aboard vessels have been found to lack protection measures to safeguard ships from specific types of cybersecurity attacks. […]

How Successful Cybersecurity Consultants Drive Higher Client Satisfaction

blog header - How successful cybersecurity consultants drive higher client satisfaction

As an ex-assessor turned product company CEO, I believe great inventions spring from the minds of people hardened through their own struggles and challenges in a unique arena of expertise. For the team at, we’re a Software as a Service (SaaS) company, but if you ask our clients what we do they’ll likely say we’re […]

Colonial Pipeline Cyber Attack – Help With Cyber Assessment And Next Steps

On Friday Colonial Pipeline, a major U.S. fuel pipeline operator, was brought down by a ransomware cyber attack. Details are still coming in as the situation develops. We recognize how difficult this time is for the teams at Colonial Pipeline and all the vendors and suppliers that work with them. Our hearts go out for […] Platform – Entities Page

In this series of posts from our CEO and co-founder, Ted Gutierrez, he talks about our platform’s Entities Page. Why it exists, what our customers use it for, and how it helps them make risk management improvements faster. Enjoy.     So You’ve Completed an Assessment….What Now? When I was a risk manager working for […]

Plan Your Remediation Budget

make sure to allocate enough dollars to cover remediations your team might need

Start with remediations first The most challenging part of remediations is finding the resources. Whether people, budget, or time, risk stakeholder teams are generally overworked and remediation activities tend to take second chair for newly organized or exhausted teams. One way to ensure that resources are available post-assessment is to ask for them before the […]

How to Pre-Plan Assessment Remediations

preplanning your remediations

Make your assessments meaningful by pre-planning remediations Upon first glance, this may seem backward. Remediations come after the assessment where you discover what needs to be remediated, right? Yes, but if you’ve been involved with risk management for a few cycles of assessment and “reassessment” activities, you’re likely familiar with a common theme: Most post-assessment […]

How to Align Stakeholders on Your Cybersecurity Strategy

align stakeholders

Overview We see that companies of all sizes often lack a strategy to gain buy-in from their stakeholders and thus fail to align on the purpose of assessments. Cyber risk assessments are a vital cornerstone of any risk management strategy. To make sure your organization is getting the maximum value of time and resources invested in these […]

10 Steps for a Successful Assessment Strategy

industrial facility

The key to successful assessment planning begins with clear communication throughout the initial planning phases. To ensure technical and non-technical leaders are aligned on the purpose of the cyber assessment, use the 10 steps below to facilitate communication prior to beginning the assessment. (Note: many of these steps can be done simultaneously.)