STRATEGIC CONSULTING

NON-CONFORMIST INNOVATION AND STRATEGY

In these engagements, I help CTOs and their teams raise the bar for innovation that brings clarity to the strengths, weaknesses, opportunities and threats to their product and business. Once the team is aligned on the mission and objectives, I create a strategic framework that ensures the collaboration in functional areas (sales, marketing, IT, etc.) that project charters are understood and follow up with quarterly health checks.

To learn more, you can start a chat or schedule a meeting with me.

IAM AND RISK ASSESSMENT

In these engagements, I help CISOs and their teams to better understand, explore and quantify the hidden risks and gaps in their IAM program. Every program comes with risks. Not acknowledging them or planning for them will only put the program at risk of failure (best case) or leave the business vulnerable to a data breach.

You will receive objective scoring and actionable insights in the following categories:

  • People/rare skill risks
  • Cultural and process risks
  • Technology risks
  • Project and program risks

Each assessment includes detailed recommendations to help you develop your high level roadmap and compelling business case for investment and risk mitigation.

To learn more, you can start a chat or schedule a meeting with me.

COMPROMISED CREDENTIAL RISK ASSESSMENT

It is no longer enough to answer the question, “Have I been pwned?” Leading security practitioners assume a state of breach. Forward-thinking organizations have begun adopting advanced cloud security services that help answer the question, “How at risk are my users and is my organization to the risk of compromised credentials?”

In this engagement, I work with your team on-site to scan your directories and  deliver a tailored report that quantifies the risks and shows you how exposued your users and business are to compromised credentials. This report will help you answer the following questions:

  • Are my current passwords leaked or reused?
  • How at risk are the executives and privileged users in my organization?
  • How can I verify compromised credentials without ever revealing the account identifier or the credential to the service provider?

Each assessment includes detailed recommendations for working with 3rd party vendors to protect your users’ credentials, vendor evaluation criteria, and planning considerations for integration use cases.

To learn more, you can start a chat or schedule a meeting with me.

WORKSHOPS

MANAGING IAM IN UNCERTAIN TIMES WORKSHOP

A highly effective identity and access management program will always deliver business value. How a company manages its systems and information is intrinsically more valuable than the technology itself. Improving the security of IAM requires forward-thinking organizations to look beyond technology and get crystal clear on the strategic direction and management issues today to exploit tomorrow’s opportunities.

In this workshop Steve talks in-depth about the exestential risks that IAM programs are confronted with today and delivers cutting edge strategies for improving the security of identity and access management while delivering superior user experiences.

Though the agenda can be tailored to the needs of your team and business, the topics that Steve talks about generally include:

  • Trends in enterprise IAM (w/ Steve’s commentary)
  • Risk-aware IAM is the new black
  • Frameworks & guidelines
  • Management challenges (and fixes)
  • Handling politics and sensitive stakeholder issues
  • Integration and support for heterogeneous platforms
  • Multi-cloud security and risk management
  • Achieving operational excellence
  • Working with managed service providers
  • Career path, challenges and strategies for IAM professionals

To learn more, you can start a chat or schedule a meeting with me.

“Steve, I loved the post about Culture and IAM. So much that I took a few wisdom out of it and emailed it to my boys. Well done my friend. Someone has to push fat cats and tell it like it is. Cheers, Toly!”

– Anatoly Smolyansky

Making The Business Case for Identity Threat Protection

In early December I recorded a podcast with Rick Orloff (formerly eBay CISO ) a Jeff Heilman (25+ year sales executive & entrepreneur) on Making The Business Case for Identity Threat Protection and thought you and/or members of your team would be keen to give it a listen. Key takeaways: 1.) you have 15 seconds to deliver disruptive insights to executives, and 2.) adapt your message to the audience.

“What is your personal rate of innovation?”− Steve Tout

“The only thing that is going to ultimately renew you is getting obsessed with your purpose.”

− Grant Cardone

“You can focus on things that are barriers or you can focus on scaling the wall or redefining the problem.”

− Tim Cook

“Learn to work harder on yourself than you do on your job.”

− Jim Rohn

“Transformation is a never-ending journey, for your company, your team, and for you.”

− Beth Comstock