Strategy of Security analyzes the business and strategy of cybersecurity. Its mission is to provide thoughtful and practical perspectives for modern cybersecurity professionals.
A few of the topics Strategy of Security covers are:
- Broad trends and events across the cybersecurity industry and ecosystem.
- Specific cybersecurity companies and products, ranging from public companies to startups.
- Concepts, theories, and case studies relevant to cybersecurity leaders and operators.
Publishing includes free weekly articles and daily commentary on social media.
Hi, I'm Cole Grolmus. I'm both an analyst and operator. I study and write about the business and strategy of cybersecurity. I also consult with companies on strategic cybersecurity projects.
Previously, I worked at PwC for 12 years in the Cybersecurity, Privacy, and Risk practice. I started as an intern and left as a director. PwC was ranked as the top cybersecurity consulting provider in the world by ALM during my final year at the firm.
My work at PwC included cybersecurity assessment, strategy, implementation, and operations projects for several iconic companies. I led large, specialized teams solving complex cybersecurity problems with multi-million dollar investments.
I had the fortune of learning from respected cybersecurity leaders, including Fortune 100 Chief Information Security Officers and a former Deputy Director of the FBI.
Following my time at PwC, I co-founded a technology startup focused on analytics and automation for Agile and DevOps teams. Our customers included large enterprises, boutique consulting firms, and growth companies.
I attended the University of Iowa for my undergrad, majoring in Management Information Systems. I received an MBA from the University of Minnesota, emphasizing in technology and strategy. I am a Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA).
As an independent analyst, I disclose any sponsorship, investment, or advisory relationships I have with companies I cover. Much of the value from my work comes from my independence. I am committed to remaining independent when possible and transparent with disclosures if independence is not possible.
To get in touch about working with me as a consultant, speaker, or other capacity, please e-mail directly. I use a security and privacy focused email service. You can also follow me on Twitter. My DMs are open.