Our services.

We create resilience through simplicity.
and systematic reuse of experience.

Inspiration meetingAbout us

Strategic cyber security.

Security starts in the boardroom - not in IT.

Cyber security should be part of the business. Not an afterthought.

We help you to:
 Develop a clear strategy and goal for security efforts
 Translate requirements such as NIS2, ISO 27001 and DORA into action
 Create management buy-in through visualization, not reports
 Make governance an ongoing decision-making process, not an archive

We use the LEGO® Serious Play® method. It's both involving and very effective - and it's also fun.

Build a strong cyber department.

Many cyber departments grow as they go.
They become heavy, unmanageable and inefficient.

We help you to:
 Define how the department should work - and why
 Create clear roles and responsibilities that match your reality
 Ensure teams are connected and communicate
 Make reporting simple and meaningful

Our approach:
 We start with your goals - not standard models
 We design for operations - not slides
 We build structures that can grow with you

We use our own artist to illustrate your reality and goals.

Behavioral design.

Security is a behavior. Not just a process.

If people don't understand the threat, no technology helps.

We design learning and behavior that works in practice:
• Communication focused on behavior, not "we told you so"
• Training for management, key people and employees
• Simulations and role plays: phishing, incidents and crisis management
• Measuerable development of your security culture

It's not about informing. It's about changing behavior.
The employee is not the weakest link. They are your strongest asset.

Security architecture
and processes.

Good security happens when technology and people work together.

Many security projects fail because processes don't match reality.

Our work starts with questions:
•  What threats do you really face?
•  What does your system landscape and workflows look like?
•  Where do small changes create big impact?

We help you:
•  Map your architecture and threat landscape
•  Design processes for incident management, monitoring and vulnerabilities
• Develop simple solutions that work - even when budgets are tight
• Ensure robust relationships with suppliers and partners

We bridge people, systems and compliance.

Cyber 360 Analysis.

Start by asking the right questions.

A Cyber 360 analysis is not just a check.
It's a new way of looking at your security.

You get:
• A holistic view of your maturity and risks
• Analysis of the technical, the organizational and the cultural
• A clear overview - without drowning in details
• A plan you can work on yourself

We use frameworks as a compass - not a template:

ISO 27001, NIST CSF, CIS Controls, NIS2, DORA
- and our own Rethink principles.

What's in it for you?
• Clarity on where you are - and what really matters
• A realistic and prioritized action plan
• New angles that may surprise you - but make you stronger

Are you brave enough to see yourself from the outside?

Platform-driven cyber governance.

Governance should not slow you down. It should move you forward.

Many feel that governance has become a burden.
Too much control. Too little action.

We change that picture - with platforms like ServiceNow and similar Integrated Risk Management (IRM) solutions:

• Design and implement governance processes that get used
• Automated workflows, self-help portals and intuitive user journeys
• Key risk Indicators (KRI) and compliance reports that make sense
• Integration with your other systems - from AD to security logs

Our approach:
• Visualize governance as flow and behavior - not as checklists
• Focus on usability and cross-functional overview
• Think business before technology

Governance should be a tool. Not an Excel sheet with authority.

Risk management.

Risk management is a process of prioritizing to get the most out of the resources you have available.

Risk management often becomes too heavy and complicated and gets in the way of organizational implementation.

We bring simplicity and lightness to the table, drawing and storytelling so that everyone can participate.

We test the process with you and see if it will work in practice.
When the process works, we implement it in your organization.

Our approach:
 Simplifying heavy processes
• Communicating with drawings and gamification
• Testing and ensuring usability
 Possibility of process automation with GRC platforms

Emergency preparedness and crisis management.

We are among the most experienced consultants in the country within emergency preparedness, crisis management and resilience.

With experience from more than 60 companies, we have tested all concepts and models in practice and improved the approach along the way.

That's why we don't take a theoretical approach to preparedness.
We develop a practice that is well documented and meets all the requirements of e.g. DORA and NIS2,

Here we deliver:
 Crisis management plans
• Technical recovery plans (TRP/DRP)
• Business continuity planning (BCP)
• Crisis communication
• Education and training
• Emergency response exercises

We would love to share our experience with you.

Let us inspire you.

We solve complex challenges, and we would like to solve yours too.

Tell us what's difficult, and let us share our experience with you and show you a way forward. We have probably tried it before.

‍We aim to inspire you and deliver value within the first hour. And we do this free of charge.

Try us.

We have received your request and will get back to you as soon as possible.
Something went wrong, restart the page and try again.