Our Purpose

CISOCON is here to rethink & redefine the security defense game.

We've been seeing 3 fundamental problems in the industry that drive our why. You may find it valuable to understand what they are.

Driving Forces of Our Company

01.

Asymmetry between Attack & Defense.

Asymmetry is likely the most fundamental problem in the industry today. It describes the imbalance that exists between attack and defense - These days companies are forced to invest substantial time and resources to maintain adequate defense capabilities while hackers get away with a fraction of that effort, only to find a single, high-impact attack vector. As it stands, attackers have the asymmetric advantage. They have to be right only once whereas defense seemingly must not fail at all.

We have made it our mission to develop solutions that flip this asymmetry to give defense the strategic advantage. The objective is to make it extremely cumbersome for attackers to break in, next to impossible to not be detected and very difficult to cause any lasting damage.

02.

Too much Chaos. Not enough Best-In-Class.

In a sober assessment of most companies security maturity status, one has to conclude that the term Chaos describes best what is still reality in 2020.

The chaos state is characterized by numerous properties. Unclear or no resposibility for security, lack of attack surface visibility, substantial security debt, obvious vulnerabilities or breaches & incidents that come as complete surprise. Fortunately, the underlying reason for this devestating verdict is not a lack of willingness among company's decision makers. It is merely the question of how to truely get the job done and build strong defense capabilities that work in practice.

CISOCON's mission is to reinvent the way defense is operationalized. We want to see more companies with structured security programs, implemented security hygiene and continously pushing for best-in-class.

03.

Lack of Operational Speed.

Most CISO Organizations and defense teams lack operational traction and the speed they ought to have to get ahead of the curve. The reason for this is manyfold. However, even well-staffed defense teams typically need months to understand their environment, develop a security program and start making results.

This lack of speed is diametrically opposed to the agility companies and products are build with. The fact of the matter is that security teams need to increase their output and results probably 10x or more to keep up with the innovation they are meant to enable.

CISOCON works to develop strategies, methods and techniques that accelerate businesses and only leave dust for the bad guys.