Strategic information security advisory firm Zyston on Tuesday announced its official launch of operations. The Dallas, Texas-based company provides tailored solutions that enable organizations across the globe to make informed, intelligent decisions related to the security of mission-critical assets.
The company has raised $3.7 million in Series A financing and has secured a number of client contracts with corporations including Fujitsu, Capgemini, Bridge2Solutions and Access Insurance.
Co-leading the Zyston CISO Advisory Services, which assists organizations in the design, development and ongoing execution of effective information security programs, are industry veterans Jonathan Steenland, former CISO at Fujitsu, and Richard Dorough, former Senior Managing Director of PwC’s Cyber Breach Response Practice and former Global CISO at Textron.
Steenland and Dorough were kind enough to answer some questions via email. Below is an edited version of that exchange.
Why launch a new advisory firm now?
Having worked with hundreds of companies across all industries, and being CISOs ourselves, we know there is a significant shortage of experienced security talent available in the market today. Schools are just now beginning to offer strategic cybersecurity courses, and the curriculum of these programs is often not aligned with the reality most CISOs deal with day-to-day. Zyston’s goal is to help bridge that gap. By working with universities and providing accelerated career path opportunities that include mentoring, coaching and leadership development, we aim to attract and retain the best of the best and become the premiere trusted advisor for information security to our clients.
What are the most pressing needs of your clients?
There are many good systems integrators, technical advisors and VARs in the market today. Our goal is to address the strategic cybersecurity skills gap by providing CISO Advisory Services focused on the board down to the CISO.
Security talent is notoriously hard to find. How is that shortage impacting your clients?
Security talent is notoriously hard to find, and it results in organizations making poor security decisions. Companies often place inexperienced individuals in these roles, which typically leads to a false sense of security. With the significant increase in high profile security breaches, CEOs and boards are demanding access to senior level security executives who have the credibility, experience and ability to communicate risk in a way that is meaningful to their business.
Does being an outside advisor put you in a better position to create security programs that are aligned with business needs, as compared to, for example, an in-house security team that reports to IT?
Yes, being an outside advisor does put us in a better position to create meaningful security programs. We not only add a fresh set of eyes, but we bring tangible security experience to the table. Our CISOs at Zyston collectively have decades of experience building and leading security programs with some of the largest and most complex companies in the world, many of which are Fortune 250 corporations. This experience allows us to quickly develop strategic and innovative security programs that are tailored for each client instead of a compliance-driven, cookie-cutter approach used by many consultants today.