consulting

consulting

Who is it for?

If you’re looking for support to help with a strategic, transformational shift in the areas of Information Security, Governance, Risk & Compliance (GRC), or Privacy, we’re here to help. If you’re looking to build something completely new that makes sense with where your business is now and where it wants to be, we will help you make that change happen.

This is not typical consulting work delivered in slides, it’s based on conversations to understand what’s challenging, and what you really, really want for the future.

Let’s work together

Getting to know your business, your culture, and your team will take time. You know it much, much better than we do. We ask lots of questions in order to get to know you and unpack what will ultimately be a beneficial approach. The length of time that we’re working together is entirely customized to what’s needed for the shift you want. 

Together we’ll understand the challenge you’re facing, in concrete terms, first and foremost. We’ll get into the detail of the tough work already done, the experiments you’ve tried, and the hunches you have for what’s needed. 

Using whatever tools or platforms make sense, we’ll build a vision of the desired state, what our ideal outcome is together, and how we’ll make sure we’re on target to get there. Throughout our work together, you can trust us to ask thoughtful questions, use real language (no buzz!), and focus heavily on change & development related to people and teams. 

  • Fractional CISO, GRC Leadership, or Strategic Advisor roles
  • Balanced GRC Assessment (GRC + Culture & Team Analysis)
  • Developing an action plan for strategy, using SWOT + TOWS Analysis
  • Team Working Agreement development
HELPFUL LINKS

We don’t need all the answers, we need something else, according to Seth Godin. (2 min read)

Want to find out more about Jason’s thoughts on building cohesive and effective risk management programs? Here he’s on The Risk Grustler’s podcast, sponsored by Scrut, talking about “the softer side of risk” – how we can develop Risk Management programs within our organizations taking consideration of unique and complex needs of the people and teams involved. Risk Management doesn’t have to be a stale, crunchy, and cold process; let’s design it as a proactive engine, seen and felt as a valuable capability helping us learn and adjust.

we’ve been privileged to serve clients such as

testimonials

What clients says about us

Jason was excellent as an external Chief Information Security Officer (CISO) for Valon. He helped bridge a major change in our security program – taking over from the old team, stepping in for a couple of months, and helping us find our next full-time CISO. In his limited time, he was able to keep things afloat and still make some targeted improvements. During all of that, he was an absolute pleasure to work with. I would recommend working with Jason to anyone!
Head of Engineering & Co-Founder
New York