Happy Birthday to River Security
At the time of writing, River Security has turned one year old and looking back, we realize what a fantastic year it has been! As most one-year-olds are busy learning to walk, we find ourselves running, jumping, and climbing. While constantly in the zone, either developing our service or concluding a project delivery, we rarely take the time to realize and reflect on what has been achieved. – So, to remedy this, both for you and ourselves, we decided to set aside some time finishing this blogpost last night giving us all some insights into how these firsts 12 months have been.
Founded on the 5th of June 2020, by two resources with one idea of making IT-security more approachable and comprehendible to the customers. With no financial backing, no external owners, and no technology partners it can be quite a challenge. We have taken a path of our own, and from day one we knew that proactive measures and continuous deliveries are the way to go about information security. “Upstream thinking” methodology and the “OODA-loop” are core concepts of how this company has been shaped and helped us focus our products and services in the right direction. This direction pulls us in the direction of always-on attackers. IT-security is like working out; It does not help much going to the gym twice a year.
To best fight cybercrime, we mimic how real attackers operate while putting great efforts into staying up to date with the latest tactics, techniques and procedures (TTP’s) in an ever-changing landscape. We beat the attackers by making their game our own, outperforming them on several levels. No static or one-time delivery has any chance at winning this war, meaning we are constantly adapting.
All markets have room for disruptive mindset and new approaches, this goes for information security as well – arguably the fastest moving branch of information technology. News gets old in a heartbeat.
Analyzing trends, studying numerous surveys and by questioning CISO’s/CTO/IT-security managers within our social network, it is obvious that there is a large piece missing from the global information security puzzle. That piece is Attack Surface Management service. This is not all that different from our initial idea behind River Security and fits perfectly in our flow. We decided to build a tailored and specialized services delivery, combining the best of what technology, automated processes and manual investigation with the right context could provide. This is today offered as Active Focus ©, tailored to the companies’ needs. Active Focus © is a cornerstone of River Security, aiming to proactively help organizations to greatly reduce the risk of being hacked.
One may ask, – Is it even possible to compete against the bigger and more well-established players? – Yes, it is. We believe one singular key success factor is avoiding the temptation for wanting to boil the ocean. Narrow it down, find your segment, stay on path, and keep that focus! Aim to be a niche player. We are learning a lot from both the evolving competitor landscape and our increasingly broad base of customers. This helps us stay sharp and current.
One could argue that being a young company with a small number of employees is a disadvantage. – We have experienced quite the contrary; being small gives us the agility required to act or change fast, providing relevant services to our customer base with both dedication and speed. The team composition, and the year-long experience from conduction traditional penetration-test activities, incident response handling, as well as general cyber consulting, put us is the perfect position to both develop and deliver a valuable and groundbreaking service.
So, for the next 12 months we will keep winning, and present new innovative modules to improve our service offerings. We will recruit more highly skilled employees into the “River Family” and onboard new customers, helping them fight cybercrime by implementing truly proactive measures. Best of luck to us!
