Today’s cybersecurity must go beyond the traditional reliance on technical controls to be focused on achieving business results as an integrated part of the corporate governance, risk, and compliance (GRC) program. “Companies need pragmatic solutions that focus on achieving business goals at reasonable risk. Let’s face it, nobody has unlimited resources. We need to allocate what we have – people, time, energy, dollars – where they do the most good. That takes experience, not hype.” says Alex Sharpe, Management Consultant & Principal of Sharpe Management Consulting. With his 35 years of hands-on experience in both cybersecurity and Digital Transformation. Alex understood these imperatives and founded Sharpe Management Consulting — one of the few market players focused on what makes the business stronger, not just buying new technology products. “The threat actors just need to find a single weakness to exploit. It is not realistic to think you can protect all things at all times. Having a multi-layered strategy of protection, detection, response, and recovery is the most cost-effective way to go. Organizations must also recognize they cannot go it alone. Collaboration with Government and across industries is essential especially when dealing with global actors.” adds Alex. “Everything at Sharpe has been designed to help you achieve your business goals while managing cyber risk.”
The company uses a three-step Gap Analysis to engage with its clients. The first step is to understand the client’s business and the world they live in. It is not only important to understand the usual stuff like the business model, financials, and culture, but it is also necessary to understand the people and the organizational dynamics.
Everything at Sharpe has been designed to help you achieve your business goals while managing your cyber risk
Without that, you cannot fully appreciate the value and what it takes to get things done. With that in hand, Sharpe works with stakeholders to craft a future state.Having agreement on our current state and future state, we craft a roadmap with milestones to close the gap. “We help our clients envision what they aspire to be, a few years down the road. Knowing where they are, and where they want to be we can map out a series of pragmatic steps to close the gap,” continues Alex. “Cybersecurity is no longer the domain of IT. Instead, it is a board conversation. It must be managed like any other risk – in a business context. Cyber is different in one very important way. Cyber is the only risk that can affect all of the others.”
To further illustrate Sharpe’s services, Alex shares a couple of stories where they successfully helped the clients fulfill their cybersecurity needs. In one instance, a wellknown publicly-traded company failed an internal audit. The Board initially charged IT with remediation. After four months without progress, the Board came to Sharpe. Sharpe stepped in and completed the task in just six weeks. Another publicly traded company wanted to bring a new service offering to market. “They had their top-level strategy, but needed to put some meat on the bones. Upon understanding their needs, we performed a rapid three hundred sixty degree review covering everything from governance, to financial reporting, to technology. We consolidated the portfolio, automated processes, and created a new service offering. The client was the first to market with a very unique offering and a $2M annual cost savings, more revenue at lower costs. It does not get much better than that.” prides Alex.
As the cyber landscape continues to evolve, Sharpe remains dedicated to helping organizations achieve their business goals while mitigating cyber risk. Moving forward, the company is planning to focus on what executives are struggling with the most; cyber governance, Critical Infrastructure Protection, and third-party risk management (TPRM). “Sticking with our strategy of helping organizations go to the next level, we will continue to help progress the state of the art and produce thought leadership. A certain amount of our work will always be reactionary, that is the nature of the beast, as such we are always prepared to respond,” concludes Alex.