SECURITY RISK MANAGEMENT
YOUR TRUSTED ADVISOR FOR CYBER SECURITY RISK MANAGEMENT
WHO WE ARE
An elite, boutique team with decades of experience advising CEOs, Boards, investors, and senior government leaders
A trusted advisor on cyber security risk management
Situated at the nexus of corporate governance, law, regulations, technology, intelligence, venture capital, and policy
Experience across sectors including financial services, telecommunications, insurance, defense, critical infrastructure, manufacturing, transportation, and more
Led by CEO Richard Clarke, internationally renowned expert and former presidential advisor on cyber security
SERVICES FOR CEOS, C-SUITES, BOARDS, AND INVESTORS
EXECUTIVE CYBER SECURITY RISK PROFILE AND STRATEGY
We conduct a bespoke analysis of a company's most significant risks and its cyber security governance and program, delivering to C-Suite leaders and Board members a clear understanding of the company’s biggest cyber security risks and actionable recommendations to mitigate them.
The Risk Profile leads to a concise, written strategy, which harnesses the whole-of-enterprise effort necessary to solve complex cyber security challenges. The strategy can be supported by an action plan and technology roadmap that are prioritized against actual needs, avoiding the common pitfall of spending large sums on cyber security "solutions" that are not well matched to actual risks.
EXECUTIVE TABLE TOP EXERCISE AND INCIDENT RESPONSE PREPAREDNESS
We help companies prepare for and practice crisis management, because companies that do so perform better when a real crisis happens. While cyber security incidents may be inevitable, the resulting damage is not.
We deliver a Table Top Exercise (TTX) simulation for executives with realistic scenarios designed uniquely for the company and its business operations. The TTX evaluates existing plans and capabilities, heightens executive awareness, and strengthens the company's ability to respond to a real cyber security crisis Incident.
We also help companies develop incident response plans and assemble the team of key incident response providers, such as forensics providers, law firms, and public relations experts, that are necessary to manage a crisis effectively. We serve as incident response coach during a crisis, coordinating the efforts of the whole team and supporting corporate leaders as they make difficult decisions.
THIRD PARTY RISK MANAGEMENT PROGRAM
We help our clients to develop third party risk management programs that assess, prioritize, and mitigate cyber security risks from providers, partners, and other third parties. We also conduct individual risk assessments on third parties that are crucial to their business operations or that pose significant risk. Further, we have unique experience supporting companies as they engage with industry peers and suppliers to share information and manage risks that are shared across within an industry or across industries.
PORTFOLIO SUPPORT AND DILIGENCE FOR PRIVATE EQUITY, INVESTORS, ACQUIRERS AND HOLDING COMPANIES
We help buyers and investors not only to manage risk but to capture opportunities presented by cyber security. Through our Cyber Security Risk Diligence services, we help buyers anticipate, quantify, and negotiate mitigation of risks in M&A and investing. Beyond diligence, we can manage risks and identify opportunities throughout the investment/M&A lifecycle, whether helping individual portfolio companies or serving as a retained advisor to the portfolio owner, serving the entire portfolio.
GO-TO-MARKET SERVICES FOR TECHNOLOGY COMPANIES
We deliver actionable market analysis and help technology companies establish themselves in the market through thought leadership and content development on emerging cyber security issues.
Good Harbor has completed Risk Profiles, Governance Reviews, and/or Strategies for Fortune 200 companies and leaders across many sectors, including insurance, consumer products, mortgage insurance, private equity, and High Frequency Trading.
Our team has experience across the U.S., Canada, Mexico, South America, Europe, the Middle East, and Asia.
DATA LEAKAGE RISK MANAGEMENT FOR MULTINATIONAL MANUFACTURER
The Board of a global electronics manufacturer worried about data such as Intellectual Property or business secrets leaking from the firm, particularly due to the risks of an insider threat.
Good Harbor reviewed the company’s program for preventing, detecting, and responding to data leakage, including by visiting overseas facilities and interviewing top executives in the United States and Asia. Good Harbor delivered key recommendations to the C-Suite, which accepted the recommendations and immediately began implementing them. In response to follow-up requests, Good Harbor also mapped its assessment for the company to the NIST Cybersecurity Framework and facilitated introductions to cyber security technology providers.
THOUGHT LEADERSHIP FOR TECHNOLOGY LEADERS
When technology leaders like Microsoft and McAfee need to bring research and crisp analysis to emerging and challenging issues, Good Harbor delivers:
-- Microsoft retained Good Harbor to publish Confronting Cyber Risk in Critical Infrastructure to explain application security to owners and operators of critical infrastructure.
-- McAfee retained Good Harbor to support its Initiative to Fight Cybercrime with, Virtually Here: The Age of Cyber Warfare.
-- Good Harbor supported Microsoft’s Linking Cybersecurity Outcomes and Policies, which proposed a model for linking countries’ policies to cyber security performance.
RISK PROFILE AND GOVERNANCE REVIEW FOR MULTINATIONAL INSURANCE COMPANY
A top insurance company engaged Good Harbor to review its cyber security governance and identify critical cyber risks for the business.
Good Harbor carried out an Executive Cyber Security Risk Profile through interviews at the company’s U.S. headquarters and made recommendations in areas including data classification, technology, third party risk management, and incident response. The company later re-engaged Good Harbor to evaluate the cyber security of one of its key software vendors and a foreign subsidiary.
RISK PROFILE AND TABLE TOP EXERCISE FOR FORTUNE 500 CABLE, VOICE, AND INTERNET PROVIDER
A major North American cable, voice, and Internet provider retained Good Harbor to assess its cyber security risk profile and to evaluate its cyber incident response capabilities.
Good Harbor educated executives on the threat landscape, conducted a Risk Profile review, and delivered a tailored, executive-level Table Top Exercise. Good Harbor synthesized key recommendations into an executive report, which resulted in enhancements to the company’s governance and to its crisis management preparedness. The company later re-engaged Good Harbor to update its analysis, evaluate progress made against the original recommendations, and expand the analysis to an important third party.
CHAIRMAN AND CEO
-- Served three consecutive Presidents through an unprecedented ten continuous years as a White House official, including as Special Advisor to the President for Cyberspace, Special Assistant to the President for Global Affairs, and National Coordinator for Security and Counter-terrorism
-- Author of eight books, including the national number one best-seller Against All Enemies and Cyber War: The Next Threat to National Security and What to Do About It
-- On-air consultant for ABC News on cyber security, counter-terrorism, and national security
EMILIAN PAPADOPOULOS, PRESIDENT
-- Over a decade of experience advising Boards, CEOs, investment professionals, and public officials on cyber security and risk management, with experience in North America, South America, Asia, and the Middle East across sectors including energy, insurance, law, technology, defense, financial services, government, and manufacturing
-- Co-author of the Governor's Guide to Cybersecurity with the National Governors Association
-- Graduate of the University of Toronto and of Harvard University's Kennedy School of Government, where he chairs the global Alumni Board of Directors
JACOB GILDEN, DIRECTOR
-- Security technology and risk management professional with experience conducting assessments for enterprises ranging from Fortune 500 companies to startups in sectors including financial services, consumer products, and technology
-- Advised a leading private equity firm and technology companies on investment opportunities, the cyber security market, and security product marketing
-- Previously a member of the Cyber Defenders program at Lawrence Livermore National Lab and LLNL's governmental affairs office
EVAN SILLS, DIRECTOR
-- Editor of A Playbook for Cyber Events, a project of the American Bar Association's Standing Committee on Law and National Security
-- Member of the Global Governance Futures 2027 Fellowship
-- Frequent presenter on cyber risk management in both the public and private sectors, including at the RSA Conference, CyberMaryland, and elsewhere
-- Graduate of the George Washington University Law School and Elliott School of International Affairs
The Good Harbor leadership team is supported by high-caliber directors, associates, and subject matter experts. The team also brings to bear relationships with legal, forensics, and public relations partners to offer clients unparalleled, coordinated services.
NEWS AND RESOURCES HIGHLIGHTS
CAREERS & CONTACT
We are currently seeking a highly motivated, diligent, and experienced individual to join our team as a director-level Cyber Security Risk Management Advisor. As a director with our team, your primary responsibility would be to help our corporate and not-for-profit clients improve their cyber security risk management.
You can read more, including how to apply, here: Cyber Security Risk Management Advisor | Director.
We look forward to hearing from you!
For other queries, please contact us:
202.212.6680 | contact[at]goodharbor.net
Send us a message:
2020 K St. NW | Suite 620
Washington, D.C. 20006