
Security Services

Fractional CISO

Mid-sized organizations face the same security threats and the same regulatory and client requirements as larger entities, but often lack the funding to hire a full-time Chief Information Security Officer. This is where our Fractional CISO service comes in. It is essentially a retainer that ensures you have a dedicated CISO for an agreed-upon number of hours per month. It also gives you access to k2 partner firms and the flexibility to quickly expand the hours in urgent situations.

Occasionally, our clients need an interim full-time CISO. This could be due to an incident, an acquisition, a sudden regulatory or client requirement, or the departure of the existing CISO. We can fill this gap and, if desired, leverage our recruiting partner and network to help you source and place the new CISO.
Strategy & Business Alignment

Aligning your Security Strategy with the critical goals, direction, regulatory environment and risk profile of your organization is essential to the program's success. If the strategy reflects these goals and has alignment with key Executives, you are well positioned to launch and accelerate.

k2 has the experience and Executive-level presence to guide your organization through this process.
Maturity Assessment

Often the business case for your Security Program will require a Security Maturity Assessment to quantify and understand the starting point. Periodic re-evaluation by a third party also provides an independent view of the progress being made each year.

k2 has experience performing these assessments utilizing the NIST Cybersecurity Framework and other industry standards. We can also create a customized Framework that incorporates the regulatory and geo-specific standards applicable to your organization.
Program Management

The Strategy and Execution of your Security Program will ultimately determine whether you meet your Security Maturity goals. Key decisions, partnerships, funding and deployment strategies, and org and engagement models all affect the trajectory and success of the program.

Program Management is a core offering of k2. We bring deep experience successfully deploying the security program for a Global Fortune 500 over a 5-year period, and course-correcting a struggling Program at a Fortune 150.

For additional insights, check out this LinkedIn post by k2 Founder, Dan Burgoon.
Operating & Org Model Optimization

Sustaining your Security Program and Security Operations depends heavily on the correct Organizational Structure, reporting lines, Operating model, and KPIs.

k2 has experience in dozens of organizations, from smaller government entities to the Fortune 150 and everything in between, and the conclusion is that there is no one-size-fits-all. The Org Structure and Operating model need to fit your business or agency, considering its size, industry, business model and culture. We can help you set up a structure and model that minimizes friction and ensures the necessary collaboration and free flow of information, even in the most complex of organizations.
Ransomware Resilience

Ransomware and data leak extortion are a threat to us all. Let us help you develop and deploy a rapid and robust response strategy to minimize business disruption in the event of a ransomware or extortion attack.
Partner Services

k2 has an array of partners that we can quickly engage for:
-Managed Detection & Response
-Breach & Attack Simulation
-Product Security & Secure Coding Platform
-Incident Response
-Penetration Testing
-Product Security
-Operational Technology (OT) Security
-Security Architecture
-Cybersecurity Recruiting