Take a moment to consider your company’s cybersecurity efforts. Do you picture your IT and security teams devising proactive technical solutions and dealing with threats? If so, that’s a typical and valid response. Yet, there’s another key piece that most companies don’t consider: business process. The ins and outs of how your company works affects cybersecurity more than you know. Ken Chodnicki, COO at Deep Run Security , a consulting firm in Baltimore, Maryland speaks passionately about the inseparable nature of business process and cybersecurity. “Risk management, especially cyber risk management, is unquestionably bound to business process. But, business process isn’t a glamorous topic and companies don’t like to think or talk about it.” Consulting firms who understand the critical connection between business process and cybersecurity see an obvious need to help companies reshape their current approaches. “Fundamentally, we believe the weakness is not directly in the technology on the market. History has shown the weakness to be in how the technology is utilized and the maturity of the tools and operations therein,” notes the Deep Run website. For many consulting companies in this space, their beliefs are applied through a range of services that often begin with a long, hard look “under the hood” followed by process mapping that enhances cybersecurity. These services appeal to companies that, at all levels, seek to understand where they currently stand and where they need to be in order to be more secure. Some consulting firms have found that one of the most empowering things a newly appointed C-level executive can have is an unbiased starting point, which gives them visibility and clarity regarding information security. Gary Merry, CEO of Deep Run , adds to this idea by stating,Yes, we need innovative technology, and yes, IT must do all they can to protect our data, but security is not the sole purview of IT – it is everybody’s job.” Merry closes with, “The concept of making security part of your business is not a new concept. But, unfortunately, it’s hard. It’s exponentially harder to make a cultural change to a business, especially with technology as the protagonist.”