Your Trusted Cybersecurity Consulting Partner
In today's rapidly evolving digital landscape, protecting your company, infrastructure, and applications requires more than off-the-shelf solutions. Shambliss Guardian delivers comprehensive cybersecurity consulting services designed specifically for corporate and industrial environments. Our unique blend of technical expertise, legal acumen, and operational experience ensures your critical assets remain secure against sophisticated threats.
Real-World Impact: Trusted by Mid-Size to Global Enterprises
Decades of Combined Expertise
Our leadership team brings together former CIOs, CISOs, and legal counsel with extensive experience protecting critical infrastructure. This unique combination of technical depth, operational insight, and regulatory knowledge ensures comprehensive protection for your organization.
Through strategic partnerships with leading cybersecurity insurers and technology vendors, we enhance cybersecurity for our clients while minimizing operational expense. Our proven track record spans multiple industries, consistently reducing risk and ensuring compliance across complex regulatory landscapes.
Explore cutting-edge cybersecurity insights designed to give you immediate access to expert knowledge and targeted information about how Shambliss Guardian protects clients against evolving cyber threats.
Security Advisory, Strategy, & Solutions
Align security initiatives with your business objectives through comprehensive planning and strategic guidance.
Security Strategy and Roadmap
Prioritized strategy and actionable roadmap. Partner with your team to execute and identify technology and managed service solutions.
Security Posture Validation
Security effectiveness is measured by your ability to recover swiftly and decisively, not just prevention or detection.
Governance, Risk Management & Compliance
Comprehensive GRC framework implementation helps you navigate regulatory requirements with confidence and ease.
Due Diligence & Compliance
Navigate complex cybersecurity questionnaires and regulatory audits with expert guidance, ensuring proper documentation and proofs.
Disaster & Incident Recovery
Our "Trust but Verify" methodology ensures continuous improvements. Establish a baseline and roadmap to maintain robust defenses against emerging threats.
Application Security Testing & Verification
See your applications through the eyes of a hacker. We provide business-impact-ranked results with prioritized remediation plans.
AI Security Foundation and Guardrails
Build AI into a competitive advantage safely. Implement AI security, policies, and guardrails, and verify security for deployed solutions.
Monitoring & Management Solutions
24/7 monitoring and defense against ransomware, breaches, and sophisticated cyber attacks targeting your infrastructure.
Security Advisory, Strategy, & Solutions
Our focus and experience in building security solutions set us apart from general office network and security integrators. Our team has worked in the highest-speed, most resilient, custom-application-heavy companies with significant intellectual property and compliance challenges. Government regulations, such as the incident-reporting rules that currently apply to public companies, will increase the need for a complete and tested security solution. Shambliss Guardian partners with clients, security vendors, and the cybersecurity insurance industry to fight the increasing threats to your company.
Our team has decades of experience in the IT and security industries. We bring this expertise with proven methodologies to assess and design a unique solution for your business. Our methodology integrates Internet of Things (IoT), networks, firewalls, applications, AI implementations, operational processes, and 24X7 monitoring and management. We will assess, design, implement, and manage a unique security solution.
  • Security Advisory and Assessment
  • Security Strategy and Roadmap
  • Implementation and Transition
  • Monitoring and Management
  • Breach Forensics and Testing
  • Security Incident Management
  • Security Posture Validation
  • Governance, Risk Management, and Compliance
  • Preparation of Due Diligence and Compliance Responses
Security Strategy and Roadmap
Shambliss Guardian will work with you to align the initiatives to the desired outcomes. The strategy and roadmap will take a deeper dive into the current state of security.
  • Traffic patterns and throughput – firewall sizing
  • Identity and access management requirements
  • Segmentation definition
  • High level processes, procedures, and documentation creation and review
  • Strategy and Roadmap creation and review
  • Turnkey project management
Our analysis will determine the projects required and an estimated cost to improve your security posture and management solution.
Shambliss Guardian will present the solution, timeline, and budget for the solution we recommend. These will be actionable solution-based plans for:
  • Security products
  • Implementation
  • Configuration
  • As-built documentation
  • Transition to monitoring and management
We don't just make recommendations; we work alongside your team to build, monitor, and test the solutions. Implementing and testing recoverability is critical.
Security Posture Validation
Security validation is an evaluation of the current state of your security posture. We are seeing management and board members requesting confirmation that the information provided by IT and the security team is correct, documented, and actionable. We see management requesting third-party validation that the security measures in place are followed and effective.
  • Penetration testing of the internal, external, and wireless networks
  • Internal segmentation validation
  • Artificial intelligence (AI) guardrails
  • Security review of outsourced vendors and linked partners
  • Review of managed service provider's ability to meet service level agreements
  • Review of contracting and breach readiness
Security Advisory and Assessment
Shambliss Guardian will work with the business, network, and security teams to determine the current state of security in place today. The assessment provides a high-level view of security solutions, processes, documentation, and monitoring. The business drivers, intellectual property, and production and communication needs will be incorporated into the definition of requirements. The advisory team will present the current business, operational, and cybersecurity state and a recommendation for the outcomes required to meet governmental, compliance, and insurance requirements.
  • Business requirements and outcomes definition
  • Production requirements, priorities, and limitations
  • Network and security diagram and operational review
  • Process documentation
  • Monitoring and management capabilities
  • Presentation of current state and next steps
Governance, Risk Management, & Compliance (GRC)
Shambliss Guardian understands the unique challenges its clients face navigating the complexities of Governance, Risk Management, and Compliance (GRC). We tailor our GRC services to empower your business with comprehensive solutions that align with your specific needs and objectives. Our staff has deep expertise in operational, security, and legal matters.
Governance: We provide strategic guidance to align your business's technology and security activities with corporate goals. Our governance framework facilitates effective decision-making for resource management, processes, and policy implementation. We work with our clients to create a culture of efficiency, accountability, and operational excellence.
Risk Management: Today's digital landscape includes diverse and increasing cybersecurity threats. Risk management services focus on identifying and mitigating risks that could impact your business continuity and data integrity. We employ proven tools and methodologies to assess, prioritize, quantify, and manage risks. Risk identification and threat monitoring enable you to minimize risk to your business. Resilience is achieved through business continuity planning and testing, together with a strong cybersecurity posture and program.
Compliance: Stringent client, partner, regulatory, and governmental requirements are impacting our clients. Preparing for regulatory or security requirements before they are enforced is critical. Building a compliance framework that addresses relevant industry standards and legal requirements can minimize the time and stress of meeting these regulations. Strong compliance frameworks can also be a competitive advantage by showing preparedness to meet third-party security requirements. We simplify the complexity of compliance, helping clients navigate the ever-changing regulations in cybersecurity and data protection through the implementation of industry best practices.
Our approach at Shambliss Guardian is not just about managing governance, risk, and compliance. We work to turn these challenges into strategic advantages for your business. We're committed to providing solutions that not only protect your reputation but also enhance your business's growth.
Due Diligence & Compliance
Preparation of Due Diligence and Compliance Responses
Cybersecurity questionnaires are required by many different organizations, including supply chain partners, clients, vendors, banks, cybersecurity insurance agencies, and governmental authorities. Having, and being able to prove, a strong cybersecurity posture is a business advantage and can help win new business and keep the business you already have. Questionnaires are complex and need to be answered truthfully, showing your company’s strong adherence to standards and best practices. Shambliss Guardian’s offering includes building a repository of the proper responses for ISO, NIST, and other due diligence requests to minimize the time necessary to complete these requests now and in the future.
Disaster & Incident Recovery
There are thousands of products to discover, protect, and detect security threats in your company. What most companies lack are the tested processes and procedures to respond to and recover from an attack. A well-tested plan means you are back in business sooner, with lower loss of business, smaller insurance claims, and less reputational damage.
  • Data protection strategies
  • Data and application recovery
  • Operational and metric-driven update and patching processes
  • Recovery to a disaster recovery infrastructure configuration
  • Incident response communication plan and tabletop exercises
  • Incident response retainer identification and contracting
The last thing companies need to deal with in a disaster or incident is contracting and procurement. Immediate external support and expertise are critical. Proper planning, expertise, pre-arranged vendor support, and post-implementation support help to minimize the stress of an incident. We cannot stress enough that testing the solutions is an imperative component of your security strategy.
Application Security Testing
Applications represent another attack vector for hackers. Automated testing, while inexpensive, cannot currently find many of the business-logic flaws and chained vulnerabilities that hackers use to get access to your applications, servers, and data. Architecting a secure-by-design software development lifecycle (SDLC) is more critical now that so many companies and vendors have turned to AI and vibe coding to build solutions. Focused hunting for vulnerabilities is a critical step toward a more secure application environment. Our experts have over 30 years of application build, architecture, and testing expertise.
  • Application security architecture review
  • Threat Modeling
  • Static and Dynamic application testing
  • Remediation assistance
Artificial Intelligence (AI) Security & Guardrails
AI systems introduce novel attack vectors and vulnerabilities that traditional security methods often miss. Ensuring the integrity and ethical behavior of AI models requires specialized configuration and robust guardrails. Shambliss Guardian provides deep expertise in securing AI deployments, helping you protect against data poisoning, model evasion, and malicious output. Our proactive approach ensures your AI solutions are resilient and trustworthy from design to deployment.
  • AI Model Architecture Review
  • AI Threat Modeling & Attack Surface Analysis
  • AI Model Configuration & Bias Testing
  • Guardrail Implementation & Remediation
Monitoring & Management
Security solutions are not like network equipment in a static environment. Security firewalls, configurations, and versions are constantly being updated. They are your first line of defense, and it is best to keep them healthy and at current version and patch levels. Cyber-criminals do not rest when your team goes home for the night. Ransomware is a 24x7 operation. It is highly recommended that you have the same coverage watching and responding to attacks and breaches. The shortage of cybersecurity professionals makes staffing around-the-clock coverage difficult and qualified candidates scarce. The cost of a monitoring service is considerably lower than the investment in equipment, software, and staffing for your own security operations center. Monitoring services include industry standards-based operations and processes. Documented processes and responses are part of what clients, partners, and insurers are looking for in a good cybersecurity posture.
Our outcome-based security solutions are custom-built to cover your most important security requirements and compliance directives. All the offerings can be acquired individually or combined into a single outcome-based solution.
  • End Point Security
  • Internet of Things (IoT), Industrial IoT (IIoT), and Operational Technology (OT)
  • Internal and External Firewall
  • Network Segmentation
  • Zero Trust – Remote Access
About Us
OUR MISSION
We have learned that technology alone isn’t enough to combat cyber attackers. Our fundamental belief is that hands-on, front-line expertise and intelligence, combined with innovative technology, provide the best means to protect our customers from cyber threats. Assessments and roadmaps are a good start, and then we follow through by partnering with our clients on the delivery of recommended solutions. Whether it is building the processes, implementing the security solutions, or monitoring and management, our collaboration and partnership don’t stop when the work begins. Our mission is to relentlessly protect our customers from the impact and consequences of cyber attacks.
WHAT MAKES US DIFFERENT
Customers First
Our customers are at the center of all we do. We do not stop at “the minimum necessary” but strive to understand the needs of our customers and take care of those needs with commitment, urgency, optimism, passion, and expertise.
Honesty
We do the right thing – not just when someone is looking, but all the time. This is the only way we know how to do business.
Transparency
We do what we say and we own our results. We do not make a commitment for Tuesday, deliver on Friday and hope no one notices. Big problems or small, we set expectations and we do what we say we are going to do – when we say we are going to do it.
Meet the Executive Leadership Team

CRAIG SHERWOOD
PRESIDENT
Craig is a technology and professional services leader with over 25 years of experience in building professional services organizations from initial creation to successful operation. He also has over ten years of experience in assessing and advising clients about IT/OT security solutions and products. His leadership centers on long-term strategy, detail-oriented execution, and innovative approaches. Craig’s businesses have achieved robust growth by offering targeted cybersecurity solutions, including penetration testing, smart IoT/OT, software development life cycle (SDLC), and governance, risk management, and compliance (GRC) frameworks and execution.

JOHN HART
CHIEF INFORMATION OFFICER
John is a CIO, CISO, Executive Board Advisor, and Executive Coach. He has more than 30 years of experience in IT, software development, and cybersecurity, ranging from equity-backed startups to large international financial institutions. John was responsible for all aspects of cybersecurity for the world’s largest futures and options exchange. He has built infrastructure and security solutions for organizations ranging from cloud-based startups to multi-location IT/OT companies. His career focuses on secure-by-design transformation of businesses. Using a combination of experience, powerful tools, and customized processes, John collaborates with his clients to accelerate and amplify their information security, business resilience, and risk management posture and to ensure clients adhere to the compliance requirements of their industry.


AARON KASE
VICE PRESIDENT – LEGAL
Aaron is an attorney focused on technology and cybersecurity. He brings expertise in fluently translating IT matters for legal professionals, business owners, and board members. His expertise encompasses data privacy, cybersecurity, governance, risk, and compliance. Aaron communicates complex ideas simply and clearly, making intricate technical and regulatory concepts accessible and actionable. He ensures that governance, risk management, and compliance (GRC) is built into the consulting and security solutions we provide. This enables businesses to navigate the intricate landscape of cybersecurity law and regulation.

DAN HANSVICK
VICE PRESIDENT – SALES AND CONSULTING
Dan is a Cybersecurity Solutions Specialist who has decades of experience collaborating with clients to build technology solutions. He’s a business owner who understands how to balance security requirements, budgets, operations, and client capabilities to create cost-effective solutions. Dan helps clients defend the expanding attack surface that has arisen from the convergence of IT and OT, Factory 4.0, cloud, and digital transformation, all while complying with government regulations. He applies his deep IT, application, security, and risk management experience to build successful business outcomes for our clients.
Easy Navigation to Key Resources
Access comprehensive information about our services, schedule consultations, and stay informed about the latest cybersecurity trends affecting your industry. We've designed multiple pathways to connect you with the expertise and insights you need.
Primary Services Brochure
Download our comprehensive guide detailing all cybersecurity offerings, methodologies, and success stories. Click here to download the full PDF document.
Book a Consultation
Schedule a complimentary security assessment with our experts. Use our integrated scheduling system to find a time that works for your team and receive immediate confirmation.
Shambliss Guardian Blog
Stay informed with weekly insights covering emerging threats, compliance updates, and best practices for securing industrial and enterprise environments in today's evolving landscape.

Factory Security
Factory and Manufacturing (ICS/OT) Cybersecurity
Factory Security Solutions
Our focus and experience in building security solutions specifically for manufacturers set us apart from general office security integrators. Manufacturing has specific requirements for the prioritization of safety, production, and security. There are also limitations on adding security to production equipment, and factory floor network requirements that limit the security solutions available in this environment. Government regulations, which currently apply to public companies, will increase the need for a complete factory security solution. Shambliss Guardian partners with clients, security vendors, and the cybersecurity insurance industry to fight the increasing threat to factory production and safety.
Our team has decades of experience in the IT and security industries. We bring this expertise with proven methodologies to assess and design a unique solution for your business. Our methodology integrates Industrial Internet of Things (IIoT), networks, firewalls, operational processes, and 24X7 monitoring and management. We will assess, design, implement, and manage a unique security solution.
  • Security Advisory and Assessment
  • Security Strategy and Roadmap
  • Implementation and Transition
  • Monitoring and Management
  • Breach Forensics and Testing
  • Security Incident Management
  • Security Posture Validation
  • Governance, Risk Management, and Compliance
  • Preparation of Due Diligence and Compliance Responses

Security Advisory and Assessment
Shambliss Guardian will work with the business, network, security, and plant floor teams to determine the current state of security in place today. The assessment provides a high-level view of security solutions, processes, documentation, and monitoring. The business drivers and factory floor production and communication needs will be incorporated into the definition of requirements. The advisory team will present the current business, operational, and cybersecurity state and a recommendation for the outcomes required to meet governmental, compliance, and insurance requirements.
  • Business requirements and outcomes definition
  • Production requirements, priorities, and limitations
  • Network and security diagram and operational review
  • Process documentation
  • Monitoring and management capabilities
  • Presentation of current state and next steps

Security Strategy and Roadmap
Shambliss Guardian will work with you to align the initiatives to the desired outcomes. The strategy and roadmap will take a deeper dive into the current state of security.
  • Traffic patterns and throughput – firewall sizing
  • Identity and access management requirements
  • Segmentation definition
  • High level processes, procedures, and documentation creation and review
  • Strategy and Roadmap creation and review
  • Turnkey project management
Our analysis will determine the projects required and an estimated cost to improve your security posture and management solution.
Shambliss Guardian will present the solution, timeline, and budget for the solution we recommend. These will be actionable solution-based plans for:
  • Security products
  • Implementation
  • Configuration
  • As-built documentation
  • Transition to monitoring and management
Example: Our staff has architected, designed, and implemented hundreds of security solutions. One project included factory security for over 100 global manufacturing sites. It included the analysis of the traffic and segmentation, procurement of the security hardware and software, implementation, and ongoing monitoring of the security solution.

Implementation and Transition
The projects defined above will be discussed, and responsibilities will be defined for Shambliss Guardian, the factory team, and any vendors required for the project. The installation and configuration of the security solutions can take place without affecting production.
  • Planning for the transition to new security solutions
  • Cutover and roll back planning
  • Update and patching of current environment (required but not included)
  • Configuration of the new security hardware, identity, and segmentation
  • Cutover to the new infrastructure configuration
  • Communication testing (production testing is the factory's responsibility)
  • Day one cutover support
  • Transition to selected management
The Shambliss Guardian team has decades of experience with strategic migration projects. We understand that the resumption of factory production is critical. Proper planning, expertise, pre-arranged vendor support, and post-implementation support need to be arranged prior to the transition. We also recommend limiting the number of transition changes to minimize the complexity of troubleshooting.

Monitoring and Management
Security solutions are not like network equipment in a static environment. Security firewalls, configurations, and versions are constantly being updated. They are your first line of defense, and it is best to keep them healthy and at current version and patch levels. Cyber-criminals do not rest when your team goes home for the night. Ransomware is a 24x7 operation. It is highly recommended that you have the same coverage watching and responding to attacks and breaches. You may already be running multiple shifts in the factory and know the difficulty of staffing evening and night shifts. The shortage of cybersecurity professionals leads to similar struggles and a lack of qualified candidates. The cost of a monitoring service is considerably lower than the investment in equipment, software, and staffing for your own security operations center. Monitoring services include industry standards-based operations and processes. Documented processes and responses are part of what clients, partners, and insurers are looking for in a good cybersecurity posture.
Our outcome-based security solutions are custom-built to cover your most important security requirements and compliance directives. All the offerings can be acquired individually or combined into a single outcome-based solution.
  • End Point Security
  • Internet of Things (IoT), Industrial IoT (IIoT), and Operational Technology (OT)
  • Internal and External Firewall
  • Network Segmentation
  • Zero Trust – Remote Access

Security Posture Validation
Security validation is an evaluation of the current state of your security posture. We are seeing management and board members requesting confirmation that the information provided by IT and the security team is correct, documented, and actionable. We see management requesting third-party validation that the security measures in place are followed and effective.
  • Penetration testing of the internal, external, and wireless networks
  • Internal segmentation validation
  • Security review of outsourced vendors and linked partners
  • Review of managed service provider’s ability to meet service level agreements
  • Review of contracting and breach readiness

Governance, Risk Management, and Compliance (GRC)
Shambliss Guardian understands the unique challenges its clients face navigating the complexities of Governance, Risk Management, and Compliance (GRC). We tailor our GRC services to empower your business with comprehensive solutions that align with your specific needs and objectives. Our staff has deep expertise in operational, security, and legal matters.
Governance: We provide strategic guidance to align your business’s technology and security activities with corporate goals. Our governance framework facilitates effective decision-making for resource management, processes, and policy implementation. We work with our clients to create a culture of efficiency, accountability, and operational excellence.
Risk Management: Today’s digital landscape includes diverse and increasing cybersecurity threats. Risk management services focus on identifying and mitigating risks that could impact your business continuity and data integrity. We employ proven tools and methodologies to assess, prioritize, quantify, and manage risks. Risk identification and threat monitoring enable you to minimize risk to your business. Resilience is achieved through business continuity planning and testing, together with a strong cybersecurity posture and program.
Compliance: Stringent client, partner, regulatory, and governmental requirements are impacting our clients. Preparing for regulatory or security requirements before they are enforced is critical. Building a compliance framework that addresses relevant industry standards and legal requirements can minimize the time and stress of meeting these regulations. Strong compliance frameworks can also be a competitive advantage by showing preparedness to meet third-party security requirements. We simplify the complexity of compliance, helping clients navigate the ever-changing regulations in cybersecurity and data protection through the implementation of industry best practices.
Our approach at Shambliss Guardian is not just about managing governance, risk, and compliance. We work to turn these challenges into strategic advantages for your business. We’re committed to providing solutions that not only protect your reputation but also enhance your business’s growth.

Preparation of Due Diligence and Compliance Responses
Cybersecurity questionnaires are required by many different organizations, including supply chain partners, clients, vendors, banks, cybersecurity insurance agencies, and governmental authorities. Having, and being able to prove, a strong cybersecurity posture is a business advantage and can help win new business and keep the business you already have. Questionnaires are complex and need to be answered truthfully, showing your company’s strong adherence to standards and best practices. Shambliss Guardian’s offering includes building a repository of the proper responses for ISO, NIST, and other due diligence requests to minimize the time necessary to complete these requests now and in the future.
Blog Posts
Ready to unlock the potential of AI and transform your business?
Dan Hansvick
November 26, 2025
AI attacks are growing, and execution is faster than ever. We need to fight machine-speed, AI-based attackers with machine-speed, AI-based defenses. Perimeter-based defenses have been falling due to the ability of AI and bots to scan and identify vulnerabilities in your environment. Anyone looking at the breaches of large and small companies can see the successful attack results. A small firm with 35 employees rebuilds after a ransomware/encryption attack and has to spend $50K to rebuild their business, with a week of downtime. The large enterprise expenses are in the millions. Stay tuned for two announcements from Shambliss Guardian: an AI-based red team to test your environment, with an AI-based blue team to defend it at the same time. Sound interesting? How about polymorphic encryption to protect your data? Hackers can exfiltrate your data, but it will be unreadable by them, rendering it useless as a lever to extract a ransom. We are working together with our partners to protect your customers, your supply chain, and most importantly YOUR business.
Dan Hansvick
May 15, 2025
Join industry experts Michael Mask, VP of Client Success at Aqueity and Aaron Kase, VP of Legal at Shambliss Guardian for an exclusive webinar on AI Unlocked: Key Strategies for Success and Managing Risks.
Why Attend?
  • Expert Insights: Hear from industry leaders on how organizations like yours are beginning their AI journey.
  • Risk Management: Learn how to implement effective AI guardrails to safeguard your data and ensure compliance.
  • Get Connected: Participate in an interactive Q&A with our experts, your chance to ask questions and gain deeper insights into your AI journey.
As a bonus, attendees will receive exclusive resources designed to help their organizations move forward with confidence in the AI space.
View the recorded Webinar: Recording – AI Unlocked Webinar
Contact us to get access to the AI Artifacts from the webinar.
🔒 Your Building’s Automation Systems Could Be Your Biggest Security Risk—Are They Protected?
John Hart
February 11, 2025
Modern Building Automation Systems (BAS) work wonders: They power everything from HVAC and lighting to elevators, security, fire alarms and more. These systems drive operations toward much greater efficiency—but without the right security measures, they also introduce new cyber risks.
Hackers increasingly target BAS, seeking to lock out building managers and owners and demand ransom. The result? Disruptions that range from operational shutdowns to severe, costly infrastructure damage.
The good news: The cost to put in proper defenses is minimal. The cost of failing to protect the critical infrastructure is very high. Shambliss Guardian helps businesses assess their current security posture and implement proven defenses to keep systems safe—before an attack strikes.
Let’s talk about how you can strengthen your BAS security today. #SMB #Cybersecurity #ShamblissGuardian #BAS
Cost, Governance, and Challenges with Foreign Applications
Aaron Kase
February 1, 2025
DeepSeek doesn’t indicate that they will keep your data private and not utilize it in training their models. Certainly a concern. Getting other AI companies to lower the cost and increase efficiency is a big plus.
I’ll leave it to others to analyze what DeepSeek’s recent open-source AI app release means for U.S. AI industries and chip manufacturers. For me, here are the key takeaways that matter:
– Declining AI Training Costs: While the claim that DeepSeek trained its model for just $6M deserves skepticism, the broader trend of declining AI costs has been true since the beginning and remains true regardless of what DeepSeek actually did. Advanced AI tools will continue to improve in capability and become more accessible to businesses of all sizes.
– Caution with Foreign Apps: The rules about safeguarding confidential information still apply, especially when using tools from countries with different data governance standards. U.S. users should be careful about what they put into chatbot prompts unless they develop a truly private instance of the software that’s fully under their control.
– The Open-Source Opportunity: The move back toward true open-source AI means businesses have more opportunities to adopt these tools in a tailored way. But doing so responsibly—through proper governance and security measures—is critical to ensure safety and compliance.
The AI landscape continues to change at a dizzying pace – even for the experts. For businesses, the priority should be not just adopting AI but implementing in a controlled and secure way. #SMB #Cybersecurity #ShamblissGuardian
Guardrails for the AI Superhighway
Aaron Kase
January 25, 2025
The security of AI and what data is exposed to the general public is a critical issue for all US companies. If you haven’t talked to an AI expert and attorney, give Aaron a call. It is imperative we protect our intellectual property. Concerns about utilizing a Foreign AI engine? You should have concerns.
AI is a powerful tool, but without proper governance, it’s like driving a car at full speed without brakes. 🚗💨 Governance ensures responsible use, protects sensitive data, and aligns AI tools with company values and regulatory requirements. Let’s get your organization ready with guardrails to gain the benefits of AI safely. Contact us to get your AI program in order before your data leaves the company! #SMB #Cybersecurity
Dan Hansvick
October 3, 2024
The Evolution of Cyber Liability Insurance: A Look Back
As digital transformation continues to shape the business landscape, cyber liability insurance has become essential for organizations of all sizes, particularly in the middle market. At DSP Insurance, we’ve seen firsthand how the cyber risk environment has evolved, and we’ve been at the forefront of helping our clients adapt to these changes – both through proactive risk management and the placement of robust cyber security insurance coverage.
The Origins of Cyber Liability Insurance
The story of cyber liability insurance begins in the late 1990s when the first policies were created to address the emerging risks tied to the internet and digital data. Back then, businesses relied on traditional insurance lines that were not equipped to handle the unique challenges posed by cyber threats. As the internet became central to business operations, the need for a specialized approach to cyber risk management became a necessity.
Early policies were narrow in focus, covering areas like data breaches and network security issues, and were largely targeted at tech firms and large enterprises. As these risks became more prevalent, insurers expanded coverage and offered broader policies across different industries, helping middle-market businesses access much-needed protection.
A Two-Pronged Approach to Cyber Risk
At DSP Insurance, we generally advocate for a two-pronged approach to cyber risk management. First, proactive threat evaluation and deterrence are essential to minimizing a company’s exposure to cyber threats on the front end. This involves assessing vulnerabilities, implementing cybersecurity best practices, education and training for teams, and continuously monitoring for potential breaches. Preventive measures not only reduce the likelihood of an attack but also help lower insurance premiums by demonstrating a commitment to risk management and presenting your business as a “best in class” risk.
Second, having robust cyber liability policies and effective risk transfer mechanisms ensures that, in the event of a breach or cyber incident, businesses have the financial protection they need. A well-structured cyber insurance policy covers the costs of data recovery, business interruption, legal liabilities, and more, allowing businesses to recover swiftly and limit long-term impact. This “offense” and “defense” approach helps insureds stay ahead of threats while safeguarding their operations.
Risk Transfer and the Expansion of Coverage
In the early 2000s, as cyberattack volume increased, insurers began offering policies that covered a wider range of cyber risks. This marked a turning point for businesses, including those in manufacturing, retail, and healthcare, who could now transfer their cyber risks as they did with other exposures such as property and casualty. Policies evolved to cover not only data breaches but also business interruption, ransomware, and regulatory fines, among others.
At DSP Insurance, we continue to educate our teams and partner with best-in-class carriers to help our customers navigate these changes by providing tailored coverage options that address the specific cyber vulnerabilities they face. Our two-pronged approach of proactive risk reduction and robust risk transfer via cyber liability insurance ensures our clients are fully equipped to manage the ever-evolving landscape of cyber threats.
Where We Are Today
The last two decades have been marked by constant evolution in cyber insurance. As technology continues to drive business growth, middle-market companies have become attractive targets for cybercriminals. In response, cyber policies have grown in scope and sophistication. Insurers now offer tools such as cybersecurity assessments, breach response services, and risk mitigation advice to help clients stay ahead of cyber risks.
As we look toward the future, the role of artificial intelligence and other advanced technologies will continue to influence the landscape of cyber risk and insurance.
For more information, feel free to contact Taylor Virgil at tvirgil@dspins.com or visit www.dspins.com.
Don’t Miss the DSP Cyber Summit on October 10th!
Join us on Thursday, October 10th for the DSP Cyber Summit, where industry leaders will dive deep into the practical application of Trust and Verify in cybersecurity. Don’t miss out on learning how to strengthen your organization’s security posture! Click here to secure your spot today.
Trust and Verify
Dan Hansvick
September 3, 2024
Business owners (CEO), finance/risk managers (CFO), and operations teams should follow the tenets of Trust and Verify for cybersecurity. Trust and verify has been a standard for accounting and auditing firms for decades. Trust and verify is also a standard for governance, risk, and compliance teams.
I strongly suspect, though, that businesses are not consistently following trust and verify principles for their cybersecurity. CEOs and CFOs trust, sometimes without a basis in facts, the network and security teams’ statement “We are secure.”
This leads to three alternative business situations:
  1. The security leader (CISO) has the experience and the metrics to prove that the organization is secure. In this case, the company measures the success of its security controls and documents and tests its policies and procedures. The company embraces an external verification to confirm internal team expertise and its security posture.
  2. The security leader (CISO) states the organization is secure without metrics. The company acknowledges that it could improve its security posture. It documents its processes for many best practices, but not always. The security leader welcomes an external verification to support requests for funding, products, and staffing. The organization embraces consulting expertise to help build a better security posture.
  3. The security leader (CISO) states that the organization is secure but can’t produce any documentation, processes, or testing results. The security leader advocates against documentation or process or testing and perhaps even delays or stonewalls an external review. All trust and no verification should be a warning sign to management that their organization is not properly protected.
Owners should be hesitant to trust when there is no verification. The effective security leaders we have consulted with have been proud of their work and happy to demonstrate the defense capabilities they have established.
It’s quick and cost-effective to have an external vendor perform a high-level security posture review that includes assessment of your security repository holding documentation and processes.
Oops! You don’t have a repository? You don’t have access to an encrypted location with security and network key applications and passwords? Consider: Are you being held hostage by one person in the organization with “Keys to the Kingdom?”
Private message me to discuss strategies to align leadership statements on security posture with verification in 15-30 minutes.
The Cybersecurity Budget Paradox: Are We Asking the Wrong Questions?
Dan Hansvick
July 29, 2024
Cybersecurity budgets are tight, and a recent Economic Times CISO article suggests cybersecurity funding, or lack thereof, is a critical issue. The article’s focus is India-based organizations and admittedly, the stats are alarming:
– India experienced a 46% year-over-year increase in cyber attacks
– 3,201 attacks per week on average targeting Indian organizations
– The average Indian company allocated less than 10% of its IT budget to cybersecurity
But here’s the controversy: Are we focusing too much on budget size and not enough on budget efficiency?
Consider this: Some organizations with massive cybersecurity budgets still fall victim to attacks, while others with modest budgets maintain robust security. Why?
The answer might lie in how we approach cybersecurity, not just how much we spend on it. Perhaps the solution to our budget woes isn’t always more money, but more creativity in how we use what we have.
Here are some possible strategies:
– Optimize what you have: Ensure all your tools are pulling their weight
– Prioritize based on risk: Not everything needs top-tier protection
– Leverage AI and automation: Let machines handle the grunt work
– Educate your team: A well-trained workforce is your human firewall
– Speak the Board’s language: Translate tech-speak into business impact
What if the key to better cybersecurity isn’t in your wallet, but in your approach? Instead of asking “How much should we spend?”, ask “How can we spend smarter?”
Some have credited Albert Einstein with the quote, “If I had only one hour to save the world, I would spend 55 minutes defining the problem, and only five minutes finding the solution”. While he might not have actually said this, it’s a powerful statement nonetheless.
It’s time to rethink our cybersecurity strategies. Let’s start by asking different questions. The answers might surprise us.
The Imperative of Cybersecurity for Building Automation Systems
Dan Hansvick
July 19, 2024
In the era of smart buildings, where everything from temperature control to physical security is managed by interconnected systems, security for building automation systems (BAS) is a must for all owners and managers.
Vulnerabilities in Building Automation Systems:
  1. Legacy Systems have outdated BAS technologies
  2. Interconnectedness risks compromise of every system
  3. Remote Access often uses insecure methods
  4. Third-Party Integration increases the attack surface
  5. Lack of Security Awareness can lead to overlooking BAS security risks
The consequences of inadequate cybersecurity measures for BAS include:
  1. Data Breaches of client information
  2. Disruption of Operations can result in uninhabitable buildings
  3. Physical Security Threats mean possible unauthorized access, theft, or physical harm to tenants
  4. Energy Tampering results in financial losses
  5. Reputation Damage tarnishes both reputation and financial results
Best Practices for Securing Building Automation Systems:
  1. Incident Response: Retainer, plan, and test
  2. Network Segmentation: Isolate BAS
  3. Visibility and Continuous Monitoring: Document and monitor
  4. Access Control: Establish multi-factor authentication
  5. Vulnerability Management: Manage internal and external vendors
Building automation systems continue to evolve and become more interconnected. By implementing robust security measures and staying vigilant, building owners and managers can ensure the safety, efficiency, and resilience of their smart spaces.
AI is changing the way buildings are managed
Dan Hansvick
July 15, 2024
AI is changing the way buildings are managed for all the reasons in this good article. It is also changing the way they are being attacked by cyber criminals. Building Automation Systems can be overlooked as an attack vector and need to be protected like any other asset to avoid:
Material damage costs
  – Property destruction
  – Loss of life and bodily injury
Non-material damage costs
  – Business interruption
  – Contingent business interruption, loss of shareholder value, loss of data, uninhabitable buildings, bricking of critical machines and infrastructure
Attackers are using AI against us. We need to use AI to fight back. Humans are not fast enough for AI driven attacks.