Blog Post
by Den Jones

Intro to 909Cyber

Let's start with some controversy

Despite the rhetoric, few companies truly prioritize security until it’s too late.

I’ve been around this industry for over 30 years. I’ve watched budgets get cut and companies put profitability and growth ahead of security. It’s a common inside joke that there is nothing like a good breach prior to the budget cycle and you should never miss an opportunity to take advantage of a breach to increase the security budget. It's the rare time we get money.

A serial entrepreneur, ex-CEO of many startups recently reminded me that startups need to focus on getting to market and growing the customer base.  Once there, then there's something at risk, but before that it’s not a priority to secure the business.

Some businesses are required to achieve certain certifications or meet industry or regulatory compliance mandates, which helps to some extent. It enables the CEO to sleep a little easier, but a SOC2 or ISO27001 certification or compliance with PCI-DSS or HIPAA doesn't equal a good security program. 

The bottom line is we never think it will happen to us. A little “head in the sand” or wishful thinking perhaps?

I get it.  At the end of the day we’re in business to make money, so it’s important to be thoughtful on where the funds are invested.

Introducing 909Cyber

Having said, “It's important to be thoughtful on where the funds are invested,” throughout my career, I’ve watched security leaders build programs focused on checking boxes. All of the various security disciplines are represented in their strategy and they spend tens of thousands—or sometimes millions—of dollars deploying tool after tool.

Your company deserves security leadership who demonstrates pragmatic security supporting what drives your business forward.  A team that can deliver a strategy and empower its execution without breaking the bank.  Our focus at 909Cyber is delivering expert services covering Consultancy, vCISO and Recruitment:

Our Consulting philosophy centers on reducing risk, minimizing security friction, and lowering costs. Through our  “Pragmatic Security” approach, we assess your spending, processes, and operations, providing recommendations that help you save money without compromising security.

Our vCISO services provide executive-level strategic leadership. Whether you need a full security program or targeted solutions, we tailor our approach to fit your unique business needs.

Our Recruitment services leverage deep industry knowledge and networks to fill immediate roles but also build a pipeline of qualified professionals aligned with your culture and long-term goals. This strategic approach empowers your organization to innovate, respond to emerging threats, and maintain a competitive edge in a highly-dynamic industry.

Our aim in delivering these services is:

Consulting

  • Reduce Risk, Friction and Cost 
  • Deliver quality results for an upfront agreed price 
  • Reduces your costs via our “Pragmatic Security Program”

vCISO

  • Cost less than a full-time CISO
  • Removes the risk of relying on a single person (especially when the average tenure is 18 months)
  • Delivers diversity in thought leadership

Recruitment

  • Resolve the risk of you hiring someone who lacks the skills and experience
  • Be your trusted partner throughout the lifecycle of your hiring process as well as company growth
  • Backed by practitioners who are engaged throughout the hiring with a depth of thousands of connections we’ll engage with to expedite finding the quality talent you deserve 

So, What's the problem?

Short story…

That depends on the company. Enterprises struggle to find exceptional talent, retain talent and sometimes deliver results in a timely manner that doesn't cost the earth.  We believe too many enterprises struggle to get programs off the ground or even finish them.  Often CISO’s leave the company before their strategies are even delivered.

Small to midsize companies rarely need a full time CISO; but we know they need some guidance on direction. It often falls on some executive who already has a day job and lacks security expertise—managed as an afterthought.  In our experience this results in a haphazard approach to security, lacking strategic direction and spending money on random tools.

This is what 909Cyber was created to address; help companies of all sizes deliver quality results in a timely manner at a price that doesn't break the bank.  We believe in pragmatic security, not rolling in and recommending 10 new tools.  Finally, we operate with trust and transparency at the forefront; our reputation matters as it’s taken years to build.  

Long story…

For the last 20 years I’ve spent my time building global teams supporting large enterprises—and throughout my whole career I’ve run extremely lean organizations. I often inherited teams and was dismayed at how overly complicated our resulting situation had become. With so many technologies being deployed and programs spun up that in the end we had more technologies than staff (at one point we had 1.5 tools per person).  As you can imagine, the result is usually that deployment of the technologies is subpar, utilization is low, and integrations are weak at best.

As I worked in smaller companies, I realized that many startups have extremely small teams and, again, more technologies than staff.

Walking the halls at the annual RSA Security Conference, it's clear that we have lots of choice and some amazing companies building great technology.

But, this brings me back to the money.

Experienced leadership knows the importance of context. You have to understand your business so you know where to focus to reduce your cyber risk.  The experts of 909Cyber will consolidate your IT and security tools as we remove friction within your company, enabling your employees to focus on delivering results while worrying less about security.

909Cyber = Reduce Risk, Reduced Friction & Reduced Costs

Why Now?

In the last 10 years I’ve run Enterprise Security in Adobe and Cisco, with huge budgets and huge teams. I’ve run critical services that supported their users and customers, from their IAM & CIAM programs, strategies on high risk countries, engineering security and even a company jet.  It was high stakes and visible to the CEO’s and their boards. 

Then I jumped to a small startup @BanyanSecurity where I was their CSO, running IT and Security (which I totally loved).  In December 2023 Banyan was acquired by @SonicWall as they expanded their portfolio of offerings.  I stepped into the role of CSO at SonicWall and—during my brief time there—learned that the SMB space was full of companies that lacked security expertise.

The acquisition in December was a time of reflection for me personally as we went through a family loss.  And, while I was back in Scotland helping that journey, I was also contemplating the potential career outcome. We’ve likely all seen a startup be acquired. It's typically for the technology and rarely for the G&A folks.  So I was already figuring out a plan B and C. 

  • Plan A, become the CSO at SonicWall
  • Plan B, start my own company
  • Plan C, get a real job

So, to my surprise I became the CSO at SonicWall but within a few months it became clear it wasn't the right fit (for either side).  So, like professionals we had an adult conversation and chose to part ways. I’m still grateful to SonicWall for the experience and of course wish them all the very best.

Now it’s time for plan B.  You see, during plan A I learned about SonicWall’s 15,000+ partners and was lucky to meet many of them during a couple of trips.  All of this cemented for me the need for pragmatic and affordable security expertise in the SMB space.

Exceptional Cyber Consultancy

We’ve all spent a career throwing budget in the crapper on professional services that bill by the hour and fail to deliver any tangible result.  So we focus on delivering outcomes that meet the highest standards regardless of the effort.

Work products

909Cyber delivers outcomes in the form of work products.  After all, aren't you expected to deliver the results you commit to your bosses?

We feel our pricing is structured in a way that enables you to select the work products that matter to you.  However we also have subscription offerings ranging from a basic retainer plan, to intermediate and then advanced plans. 

The goal with the subscription model is that you have a predictable spend and leverage further discounts.

We are open to hearing your issues and working with you to craft a program that is right for you.

Our 5 step Pragmatic Security Program?

We’d like to think our approach is different from the rest of the security firms out there.  Here’s a few highlights of our process:

  1. Learn your business
  2. Determine the risks to your growth and profitability
  3. Assess your IT and Security people, process, and technology
  4. Recommendations: consolidation, optimization and how to reduce friction and risk
  5. Enable your execution (bring in the experts if needed)

What makes us different?

We don't sell you on the need for a big security program, nor do we hide behind complex or hourly pricing.  Our aim is to be as transparent and open as possible. Our pricing is intended to deliver value to our customers with no surprises.

We’ve all been burned before paying hourly rates for deliverables that sometimes never arrive with the quality you expect.  Our subscriptions are available for those who wish to leverage further discounts and a predictable billing cycle.

Ready to protect your business with pragmatic, expert-led security? Contact us today to discuss how 909Cyber can safeguard your company’s future.

Exceptional vCISO Services

We have an exceptional team and network that brings depth of experience spanning many industries over the decades.  Our depth enables diversity of thinking and creative solutions, most likely any problem you approach us with we’ve seen and resolved over the years.

Whether you need someone to fill the role while you search for a permanent CISO or leverage our team to cover the gap; we have what it takes.  

The most important thing is we can tailor our vCISO offering to meet your business needs at a price point that is more attractive than hiring a full time CISO.

Exceptional Cyber Recruitment

909Cyber’s recruiting services play a crucial role in building a strong, skilled, and resilient team capable of defending against the ever-evolving landscape of digital threats. These services identify and attract top talent with the specialized technical expertise and experience needed to tackle complex cybersecurity challenges. By leveraging industry knowledge and networks, 909Cyber ensures that we not only fill immediate roles but also builds a pipeline of qualified professionals who align with the company’s culture and long-term goals. This strategic approach to talent acquisition enhances the firm’s ability to innovate, respond to emerging threats, and maintain a competitive edge in a highly dynamic industry.

What Sets Us Apart?  

Our Experience

At 909Cyber, we deliver a highly personalized search expertise, meticulously crafted to help our clients scale efficiently and effectively. 

Our Approach

Our deep expertise in the cybersecurity industry, combined with our unparalleled search proficiency, ensures that we connect you with the top talent with diverse backgrounds your company needs to thrive.  

Our Commitment

We operate with a sense of ownership, treating your business with the same care and commitment as our own, ensuring a partnership that drives mutual success.

Our values:

Integrity: We act with honesty, transparency, and unwavering ethical standards.

Excellence: Delivering top-tier cybersecurity solutions with precision and dedication.

Innovation: Continuously advancing with cutting-edge technology and forward-thinking strategies.

Client Focus: Prioritizing customized solutions to meet each client’s unique needs.

Resilience: Building strong defenses to withstand and recover from any threat.

Our Commitment to Diversity, Equity & Inclusion

At 909Cyber, we believe that creating an inclusive environment where individuals from diverse backgrounds—across abilities, races, genders, and more—are respected and valued drives innovation, creativity, and success. We are dedicated to helping our customers take meaningful strides that will benefit both our customers and the industry as a whole.

The 909 Difference

Unlike other recruitment firms we leverage our team throughout the process.  This means you’ve got expert practitioners who use their decades of experience to help raise the quality bar.

Here’s how we can get involved in the process (based on your requirements):

  • Help guide your team and craft the Job Description
  • Leverage our vast network of over 5000 IT & Security professionals to seek out candidates (even those not actively looking)
  • prior to providing our clients resumes we leverage our team to vet candidates and if agreed participate in the interview.
  • To differentiate 909Cyber, we focus on delivering a superior candidate experience through a series of unique and impactful strategies:
  • Seamless Candidate Journey: We streamline the recruiting process to be intuitive and efficient, providing timely feedback at every stage to ensure a smooth and engaging experience. 
  • Authentic Company Culture: We bring your company’s culture to life through dynamic employer branding and targeted social media content, offering candidates a genuine glimpse into your workplace environment. 
  • Precision Targeting: We market map, and use data to help identify and attract top talent who are a perfect fit for your organization’s unique needs, while keeping an eye on diversity. 
  • Exceptional Candidate Care: We treat candidates with the same care and attention as customers, making a memorable first impression through personalized interactions and thorough communication. 
  • Comprehensive Skill Assessment: Our deep industry leaders can quickly assess talent capabilities and make recommendations. 
  • Ongoing Engagement: Our commitment to regular and transparent communication keeps candidates informed and engaged throughout the recruitment process, reducing drop-off rates. 
  • Bias-Free Recruitment: We implement structured interview strategies to minimize unconscious bias, ensuring a fair and equitable recruitment process that focuses solely on candidate merit and fit.
← Back to resources library

Still have questions?

Contact Us

CISO-as-a-Service

Plans & Pricing

About Us

© 909Cyber, Inc. All rights reserved.

Privacy Policy