SUSA

What we do

In a world of security services focused on hard technical skills, common “best practice” approaches, and the newest hype curve, we choose to follow the road less traveled. Instead of accepting conventional wisdom in cybersecurity, we look to challenge and evolve it. We choose to focus on soft skills and sustainable systems.

SUSA services bring an entrepreneurial mindset and interdisciplinary approach to security. We are multi-lingual and can do “tech-speak”, “security-speak”, “design-speak” and translate it into “business-speak.”

Here is how we operate:

  • We are people-centric
  • We ignite creative tension
  • We are purpose and performance-driven
  • We look to “mind the gap” to ensure the spaces between abstract strategy and concrete action—and—hard technical strengths and weak soft skills are closed.

Cybersecurity Culture Cultivation

Peter Drucker famously said, “Culture eats strategy for breakfast.” Culture stems from the culmination of both individual and collective actions. And those collective actions can determine if you hit or miss your security objectives.

To triage your current cybersecurity culture across the organization, ask yourself:

  • Is there a shared cybersecurity vision?
  • Do your teams use a common definition of risk?
  • Is there a clear delineation of strategy to tactical actions?
  • Do you know if your teams are working on the right things?

If you said “no” or “not sure” to any of the above, there may be communication gaps in your organization. Think about how much these gaps can cost you. Time, money, productivity, and insights may be falling through the cracks!

Our services look to systematically identify gaps and help teams “mind the gap” to create a connective tissue that sharpens strategy and strengthens culture. By connecting-the-dots, the security organization can holistically close gaps and enhance the overall security posture.

SUSA sitting, looking at camera

Cybersecurity Storytelling and Communications

People are often advised to “tell a story” to better communicate complex cybersecurity topics and better inform the organization on cyber threats and risk but are rarely given guidance on how to do that effectively. In our experience, we have observed that the “soft skills” are often hard to find because it can be a scarce skillset among security professionals.

Try this quick storytelling and communication diagnostic to determine your current state:

  • Have your teams been coached on how to tell a story?
  • Do you have teams that can do “tech-speak” or “security-speak” but not “business-speak”?
  • Are soft skills (e.g. communication, collaboration, cross-functional coordination etc.) in need of sharpening among your security teams?

If you said “no” to the first or “yes” to either of the last two questions, there may be skill(s) gaps that lead to capability gaps within your organization.

Our services look to empower security individuals, teams, and divisions to communicate horizontally across teams and vertically within the organization. By investing in teams, you can increase the tensile strength of stakeholder communications to enhance governance and drive resiliency within your organization.

*e.g. acronyms galore, technical jargon, content that appears encrypted despite being in plain text

SUSA Teresa with whiteboard
Get started