Your security program can’t work without your users and senior managers getting onboard.

Fortunately, we can help in this, we do it all the time and it’s what we do best.

When I started this business I wanted to solve two common gaps every organization seems to have, senior management largely uninterested in corporate security programs, and users who go through the security awareness training process without gaining better understanding of the security program at large.

I wanted better training for non-technology users, while also showcasing the immense effort involved in security programs, no matter the maturity level. I also wanted senior managers to shift their narrative from security as an after-thought, to security as a core component of business success.

At Syntax Security Solutions, making security programs matter to everyone is what we do best, so if that’s what your program needs, feel free to reach out.

Thank you for stopping by!

Yours Truly in Security Self-Awareness,

  • A.J., Founder & Managing Director, Syntax Security Solutions

The Long Story, Short

I knew I was on to something when I was teaching a PCI class with an unfortunate time slot, 4-6PM on Fridays. To add insult to injury, this was during the Winter semester where it’s dark most of the day, and the very tail end of a long week meant I shouldn’t put a lot of stock into an attendance policy.

To align the PCI standard with something interesting, I conceived a table-top exercise for a fictional e-commerce company and divided the class into different teams responsible for resolving an information security breach. Armed with an arsenal of whiteboard markers, 30+ borrowed D20 dice, and a lot of improvisational comedy, a new way of training was born.

Showcasing how an incident is resolved and presenting each topic as a bite-sized teaching opportunity, meant that anyone could see a critical part of a business security program, no background experience necessary. Presenting the impact to the business and reinforcing good security concepts, end users will see the importance of good security and strive to actively participate in your program, while senior managers observe the significant costs associated with breach response, even when a lot of luck shortens the IR curve.