We live in a deeply interconnected digital world. The information revolution that began in the 20th century now drives economic growth with electronic and artificially intelligent devices designed to drive data in a neutral and unhinged Internet. Consequently, information exchange at great scale has been a key driver for the IT sector with the prime focus on sourcing and streamlining gobs of data into meaningful and valuable information.
However, data leaks caused by unprecedented hacks have emerged as the nemesis to advanced technology, creating the dire need for effective cybersecurity, privacy, and risk management of our digital world. With cyber-attacks getting increasingly sophisticated, one company has stayed a cut above the rest by providing the simple all-in one future-ready and compliance-friendly cybersecurity and privacy programs to make cyber compliance easy for their clients and the supply chains that matter to them.
Established more than 20 years ago, headquartered in Sacramento California along with expertise located in San Diego, Los Angeles, Boise, and Denver, Omnistruct is leading the charge, preparing organizations to make security and privacy programs work so businesses can keep sensitive consumer data sacred that has been entrusted to them by customers and partners. Co-founded by President John Riley and CEO George Usi, Omnistruct’s mission is to help the other 98% of businesses prepare for when cyber compliance matters by offering simple cyber security and privacy programs that work. These programs include the new US guidelines in cyber security and privacy, designed by the National Institute of Standards and Technology, to go well beyond technology and reduce the risk of sophisticated hackers.
Information is money
Information theft is the most expensive and fastest-growing segment of cybercrime. Although companies have compliance mandates in place, a simple hack could cause widespread impacts like loss of revenue, loss of reputation and regulatory fines. Despite having scores of innovative protection and detection technologies in place, data breaches are on the rise.
Arguably, as cybersecurity gets more advanced, so do cyber-attacks, forcing organizations to be diligent and ever ready in order to protect company secrets and personal information under their stewardship. “But by using a framework with risk mitigation, an organization can understand the risks, mitigate them in unique ways and be more successful when fending off cyberattacks,” explains John. This is where Omnistruct prevails.
“There are so many great technology companies out there but technology is only part of the overall solution and Omnistruct believes that the policies and procedures can be the key to making a cybersecurity program successful.” - John Riley
Creating written policies, implementing and governing custom cybersecurity programs around how a business and industry operates, Omnistruct helps apply the new US guidelines to keep its customers protected against many cyber-attacks while helping organizations be continuously audit-ready. They then maintain that security program allowing customers to work more closely with their partners and affiliates, with provable cybersecurity.
Driven by the Latest Compliance Guidelines
The Omnistruct solution was born out of years of conducting security audits and seeing how so many organizations were grossly under-resourced when tasked with protecting and mapping their data. “It is no wonder why we have so many cyber security incidents,” states John.
Omnistruct operates under the NIST Cybersecurity Framework (CSF). The NIST Cybersecurity Framework is the benchmark for all stakeholders of an organization to manage and reduce cyber risk. Omnistruct creates a risk register based on this framework and works with third-party technology providers to implement and maintain a shared and secure customer environment. Furthermore, they provide continuous third-party auditing against controls and use their proprietary scoring system to help communicate risks to their partners. Broadly put, Omnistruct bridges all gaps between their clients, the technology providers, and clients customers to create and maintain an agreed and viable solution.
“We were founded on the principle that sensitive data is sacred and that something needed to be done to help the other 98% of businesses and their IT providers prepare for when hackers crash into them.” - George Usi
Omnistruct’s solutions are primarily targeted at small to medium enterprises who have a higher risk factor of coming under a cyber-attack. Their customized solutions are designed to fit most mid-market companies and their managed service providers. Their programs can be easily adapted to serve smaller companies as well who see the value of working diligently to safeguard their customer data. Their clients today tend to steward more than 500 privacy records and can range from anywhere between a dozen employees or thousands worldwide.
The Inception of A Disruptive Approach
The foundation of Omnistruct was laid when George and his network of internet scientists concluded that there had to be better ways of securing businesses and users from hackers. Key figures understood that an all-embracing ‘blueprint’ be created by a scientific entity and regularly updated to protect businesses from all virtual threats so the collective could “be on the same page.”
“For the blueprint to succeed,” explains George, “I posited that it must be sponsored by key executives, written well and aligned with NIST for inter-organizational consistency amongst US based businesses. Moreover, for well written plans to be successful, most businesses would need multiple people with standards, controls, and risk management backgrounds who are great at working with legal teams writing policies, procedures, and guidelines. Additionally, in a world of overloaded technology experts struggling to document support tickets, complete projects and often in an untenable post-breach risk position to illustrate they did the right thing, I also realized that executives and business owners would need to be educated on why they must invest in cyber risk planning or be held accountable by lawmakers and consumers who are tired of being hacked.”
“Using the NIST CyberSecurity Framework (“NIST CSF”) and the Omnistruct Utility Platform, even the non-technical CEOs and Board Members can illustrate their cyber risk diligence and privacy data stewardship actions.” - George Usi
In their 25+ years of experience, co-founders George and John have written policies for many large companies under the guise of assessments, audits, and consulting agreements. While George, who is an award-winning leader in Internet governance, and has a Bachelor’s degree from CSU Sacramento, leads the vision of the company, John drives the strategic operation of Omnistruct. John has also acquired, sold, and owns a number of businesses in multiple industries, and together they create the latest and most exemplary cybersecurity avenues for their clients. George is also a Board Member of Secure the Village, a Los Angeles not-for-profit in Los Angeles turning people into cyber guardians and co-chairs the California IPv6 Task Force together with Ed Horley, author of Practical IPv6 for Windows Administrators. George’s advisors and mentors include HP Fellows Jim Bound† and Yanick Pouffary as well as Google Vice President, Dr Vint Cerf.
Staying above the disruption
Although cybersecurity compliance is not new, John states that the supply chain questionnaires, poised to contractually obligate partners to declare and affirm their cyber posture, are becoming more popular after the larger hacks lately. The dependence on layers of technology and a lack of comprehensive written information policies creates security gaps, making it easier for hackers to infiltrate data. Furthermore, IT engineers who are skilled at tracking backups, installing updates, and ensuring uptime are prone to short handing written policies and procedures. Omnistruct fills these gaps by handling the writing while also identifying the right people for the right job and the right certified supplier for the solution, designed around their client cyber risk position to provide them with an airbag that deploy when hackers crash into them.
The fact is, that as digital transformation progresses, so will cyber-attacks. Cybersecurity experts predict that in 2021 cyberattacks happen every 11 seconds, which is nearly twice what it was in 2019. Companies and businesses must prepare themselves with the most sensible arsenal of data security solutions and be well prepared to defend their next cyber-attack from the computer room to the board room. Omnistruct helps organizations to do so.
“At Omnistruct we focus on writing and work with the technical specializations to provide the most comprehensive cybersecurity program that works.” - John Riley
Looking ahead, one can be sure of regular disruption in the data exchange market. Machine learning and AI are already being used by cyber-keepers and hackers, and quantum computing will be next with more regulations being imposed around data breaches. Foreign countries already have their own cybersecurity breach and privacy laws in place and at some point, in the near future, there will need to be a consolidation of all these laws. For now, however, Omnistruct continues to be the driver for US companies to speak the same cyber language using NIST so that they can collaboratively fight cybercrime and protect privacy data, because, for Omnistruct, all data is sacred, no matter who it belongs to.
