Cybersecurity consulting and services tailored to your business —
one size does not fit all.
Cybersecurity and privacy are moving up in priority for businesses given the proliferation of attacks and costs attributed to the response and recovery from a breach. It is no longer a question of IF you will experience an attack, but WHEN. The average cost of a breach was $3.86 million in 2018 and that is trending up year over year. In regulated markets such as healthcare, that can double due to fines levied by regulators for each affected person or “record”. This is a massive liability that has led to client and investor pressure with a flood of vendors offering tools and services — though not all are effective or return good ROI. Breaches can be avoided, or at least the costs dramatically reduced, with proper planning, processes, and practices.
Cylidify provides guidance, consulting, services, and referrals to meet your cybersecurity and privacy needs aligning to a recognized framework — such as NIST’s Identify, Protect, Detect, Respond, and Recover. We were founded by individuals with years of technical and leadership experience gained while working at enterprises such as Microsoft and in sensitive markets like healthcare. Our goal is to make quality, tailored cybersecurity and privacy accessible and broadly available. We take pride in staying current in this rapidly evolving space practicing agility everything we do. Our focus is on technical businesses developing or integrating software and services and we can offer depth in public cloud (e.g. Azure and AWS), mobile/devices, and IoT technologies and markets that handle personal or sensitive information. However, we do work end-to-end and have experience with businesses ranging from the entrepreneurial through to enterprises. We are here to help and promise to listen and understand before offering solutions.
Get in touch today to learn more or schedule a time to discuss your needs with a Cylidify consultant. We promise to make good use of your time and will not bother you with frequent or unsolicited follow-ups.
Approach and Methodology
At Cylidify, we are direct and candid, but always constructive. We tell you what you need to hear versus what you might want to hear maintaining discretion and confidentiality. We help develop a deep, shared understanding of the risks and issues, then work with you on remediation tailored to your business. We are highly technical, but agile and adept at balancing across the capability, risk, privacy, and legal/compliance aspects. We favor people and processes over tools and platforms, but strive for balance advocating agility via baked-in versus bolted-on approaches. Whether we engage tactically or strategically, it will always be tailored and timely delivering real value.
An overview of our highlighted, foundational offerings below, or scroll to the end for more information about Cylidify's culture and tenets. You can get acquainted via the website, but we recommend contacting us to discuss your needs and engagement options. If you are experiencing an attack or investigating a breach, please call.
We also have end-to-end Offerings complimented by referrals and brokering to help meet the specific needs of you and your business.
Assessments and Planning
Being aware is the first step to being prepared and responding...
Conduct assessments to establish a baseline, hone an existing plan, cover a specific risk or incident, or prepare for an audit or certification. These are not intended to be heavy, one-size-fits-all assessments and will be tailored for your business and market. We have add-ons to cover specialized functions (e.g. application development and deployment, or systems/services integrations) or market verticals (e.g. healthcare or IoT). Initial consultation is no cost while baseline assessments are structured to be low-cost and time-bound — Cylidify is able demonstrate our capabilities and you get real, immediate value. We cover your business and its assets such as systems, services, and data for the following:
Due diligence including interviews and direct evaluations to discover and list assets with their associated controls
Review and analysis of processes, practices, and evidence
You will receive a confidential report documenting the risk and issues with high-level recommendations for prioritization and resolution.
Security and Privacy Training
People are your most important asset (and highest risk) – provide them with the necessary fundamentals and training...
Provide instructor led or online training supported by the development, implementation, and maintenance of cybersecurity policies and practices that align to your business needs. We offer training on key security practices and general awareness specializing in training for technical teams (e.g. architecture, development, and operational teams) doing application development or solution integrations:
Security Development Lifecycle (SDL) overview and value proposition
Threat Modeling practice basic training or advanced training focused on a specific project or vertical — you’ll get an overview and “lab” time to design and analyze a project of your choosing
Phishing, asset protection (e.g. data and laptops), incident response, etc.
Data handling and privacy including de-identification requirements, standards, and best practices
Training ranges from “off-the-shelf”, tailored, or a hybrid to cover your ad-hoc or yearly requirements. Cylidify can provide post-training support via whitepapers, blogs, and curated content to keep your organization current on emerging threats specific to your business and the larger security and privacy landscape.
Security Development Lifecycle
Providing your organization the framework and practices they need to infuse security and privacy into the development lifecycle —"baked-in" versus "bolted-on"...
Development, implementation, and tuning of cybersecurity policies and practices that align to your business needs - again there is no one size fits all:
Creation and implementation of a Security Development Lifecycle (SDL) with phases and practices tailored for your business and market
Direct engagements to assist with security and privacy needs in architecture and design, application development, and operations SDL practices as well as supporting incident response and remediation efforts
Cylidify has expertise in the architecture, design, and development of applications and services (solutions) with a strong belief that infusing security and privacy into your SDLC leads to long term value. Earlier is always better (i.e. baked-in versus bolted-on) with the understanding that a business must also be able to quickly respond to threats or attacks.