Mark Rorabaugh
Chief Executive Officer
CISSP, CISA, CRISC, SECURITY+, NETWORK+
Having the right knowledge, and high confidence in that knowledge, is critical to making well educated decisions. Failure to do so can have drastic ramifications on your organization's reputation, finances, or in some cases even peoples lives.
STRIX SECURITY can provide you the confidence you need by implementing a security framework catered to your organization's particular needs. We don't stop there, however. We independently test your organization's implementation in order to provide management with and concrete evidence that a good security posture is in place.
Data is the backbone for your organization. It effects the decisions that your organization makes. Disclosure of your organization's data can lose a competitive advantage, or have others lose faith in your organization. If the integrity of your data is in question, how can you have confidence in the decision made using it?
STRIX SECURITY can help you organize your data so you know where it resides, who has access to it, and when and how it is modified.
Technology is everywhere. It's easy to see the convenience and benefits, but is it so easy to see the risks? Consider that every piece of technology around you is a potential threat to your organization. When viewed in such a way, the challenge is not only daunting, but seemingly impossible.
STRIX SECURITY can break this herculean task into a few simple processes. We can to prevent the introduction of technology that can be harmful to your organization. We can allow you to detect and prevent the addition or removal of rogue devices. We can also make sure that new technology you purchase will not introduce new vulnerabilities to your security posture.
Don't hide from it. Insiders are one of your organization's greatest threats. Don't believe us?
Whether it is simply someone making a mistake that allows adversaries or malware onto your systems, or a disgruntled employee hell-bent on the total destruction of your organization, STRIX SECURITY has tools and procedures to detect, defend, and recover from insider threats.
Know thy enemy and Know thyself
Fear Not A Hundred Battles.
A security strategy that fails to properly align with your organization's goals will certainly not be effective and most likely will not even be implemented. By understanding your organization's mission and goals, we provide a security framework customized to your organization that explains to management, employees, and even venders why security is important and what their responsibilities are.
The largest threat to our organization is understimating the adversary. Making assumptions that no one is interested in exploiting weaknesses in your organization, or that generic solutions are sufficient. We understand the adversaries. We know how they think, the tools and methods they use, and how capable they are. We know what attracts them, and what disuades them.
The threats are increasing. The adversaries are becoming more sophisticated. You must be prepared.
We aren't going to sugar coat it, there is a lot of bad security out there. Your organization isn't the same as every other organization. The threats against your organization arn't the same as every other organization. So why should your defensive strategy match every other organization? Generic solutions will only defend against generic threats.
We determine which threats affect your organization's goals. We then create a specific defense strategy catered to meet defend against those threats. We use defense-in-depth to ensure that failures in particular technologies or procedures do not cause a failure in your overall defensive posture.
Can you imagine if doctors, police officers, or firemen didn't test their skills and procedures? That would surely be crazy. Too often, organizations spend valuable resources creating a strategy but fail to adequately test it. It is imperative that this testing occur not just once, but on a periodic basis to ensure that the strategy is still effective.
We can play the part of the adversary. Testing your strategy in a controlled and methodical way, ensuring that you discover any weaknesses prior to your adversary.
Management of many is the same as management of few. It is a matter of organization
Chief Executive Officer
CISSP, CISA, CRISC, SECURITY+, NETWORK+
Vice President/CISO
CISSP, CRISC, SECURITY+, NETWORK+
Chief Administrative Officer
CISSP, SECURITY+
Technical Strategy Advisor
The unseen enemy is always the most fearsome.
After recent attacks against U.S. financial institutions, the power grid, and other critical infrastructure, the administration issued executive order 13636 to combat these threats. The framework is titled Preliminary Cybsersecurity Framework.
Why risk getting caught carrying drugs across borders, when you can get shipping companies to do it for you? Computers at the Port of Antwerp were hacked using physical clandestine devices, such as keyboard loggers and hacked power strips, in order to track containers storing drugs.
Executives are now more concerned with corporate reputation than with their competition. The risks posed to that reputation by security threats are very real and pressing. To address these threats, some have chosen to increase the frequency and budget for monitoring risks.
If you are currently under attack, or have been compromised, please call our toll free number: 1.855.447.8749.
We'd love to hear from you. Whether it is interest in our services, questions regarding security, or just to inform us of something interesting.