In a fast-moving threat landscape, finding the answers to complex security challenges can be fraught with unknowns. Asking the right questions can make all the difference, as Steven Escobar and Ben Habing know well through their work in the Assessments and Advisory practice within Cyber and Data Resilience at Kroll.
Steve explains: “We work hand in hand with businesses to assess their cybersecurity landscape from a holistic perspective, evaluating different aspects of their cybersecurity program, including policies, technology or processes. Our goal is to put organizations in the position of being able to eliminate or mitigate as many risks as possible to ensure they don’t become incident response clients.
“Our day-to-day is mainly about enabling companies to advance their risk management programs,” adds Ben. “Particularly, helping them to improve their cybersecurity maturity and identify risks within their environments. That could be anything from a cybersecurity risk assessment to a cloud security assessment.”
Talking the Talk
Identifying a company’s specific security risk factors can be highly complex. That’s why close collaboration with clients is so important. “The weeks in which we're meeting with a client usually consist of up to five or six hours a day in conversation, covering the different issues impacting their environment,” says Ben.
Achieving this level of insight entails covering many different aspects to ensure nothing important is missed, comments Steve: “By the end of the engagement, I want to have a full understanding of what’s out there in the company’s environment and to be able to make those judgment calls about the security practices in place. To achieve this, we have around 12 hours of client conversations throughout the week.”
These strategic discussions lead to the client gaining the insight they need to help inform their security strategy. Ben explains: “The result of all those conversations is what defines the process. We collate and analyze all the data and responses to our questions to develop a report with recommendations that the organization can use over the next 12 to 18 months to mature their cybersecurity program and reduce risk.”
Solving Diverse Challenges
No two organizations or security challenges are the same. The fast-moving nature of business and cyber threats means that Ben, Steve and the rest of the Advisory team are constantly seeking to identify the best solutions to very different types of business security priorities. This calls for close working across the team—and the wider Kroll team too. “We have great cross-collaboration between the teams at Kroll and with our alliance partners, for example, between incident response and working hand-in-hand with CrowdStrike on our managed detection and response services. We also have deep expertise within our team, both technical and consultative,” says Steve. “Everyone on my team has had experience of sitting on the other side of the phone call as a security client at some point in their careers. So, there’s a lot of hands-on experience within our own team and the whole Kroll team.”
Alongside their core consulting roles, Ben and Steve provide security advisory support to companies across North America and the UK as Virtual Chief Information Security Officers (vCISOs). Their role also involves delivering bespoke online and in-person cybersecurity training to clients around the world.
Putting People First
While the focus is firmly on addressing technical challenges, the consulting team follows a personalized and people-oriented process, as Steve highlights.
“One of the aspects I value most about working at Kroll is our commitment to people as much as to solving complex security challenges. We intentionally avoid a one-size-fits-all approach; every engagement is tailored to the unique needs and risk profile of each client. This focus allows us to deliver meaningful, practical outcomes rather than generic assessments.”
“I think the human side is a really important element for everything we do,” adds Ben. It's really easy to make it just about looking at the data. But for all of those data points, there are people on both sides of the equation. Our job is about helping people as much as it is about identifying security risks. There's a lot of hype about different technologies and which ones will best help a business detect and respond to cyber threats. We help clients identify exactly their next steps, in the context of a broader, mature security program”
Alongside their dedication to supporting clients, Steve and Ben’s work is also informed by in-depth technical experience across diverse industries. While Steve’s military career was followed by extensive systems admin experience in the medical sector and in the defense and space manufacturing industries, Ben’s 25-year track record includes experience in establishing IT, information security and cybersecurity awareness programs, primarily in the medical and life sciences sectors.
Steve can empathize directly with Kroll clients, having been one himself not long ago. Added to this is his goal to serve, as exemplified by his past career in the U.S. Army: “Having a military background, I use the word “duty” a lot. And I feel like it's our duty to help at Kroll.”
Dedicated to Problem-Solving
For both Ben and Steve, an appetite for challenges is yet another driver in their work with Kroll clients. “Problem- and puzzle-solving is definitely something I wanted from my career,” explains Steve. “I need something new to work on every day, and I certainly get that in this role with the exposure to different clients in this role. Working with more than 50 clients throughout the year involves many different types of technologies and environments. Understanding the many complex environments that do exist out there is a challenge in itself, but it's also very fun.”
Taking an individualized approach to each company they work with is essential. “We don't do cookie cutter assessments because every client is different,” Steve continues. “We focus on their specific needs. It's always satisfying to deliver the report to the client and have that final close-out call with them.”
Sharing valuable insights to drive businesses forward is what the role is all about, according to Ben: “What we do helps clients to move from inaction to action in terms of the steps they need to take to secure and mature their information security program. It’s extremely rewarding to see the client progress from a place of ambiguity to understanding exactly what they need to do next.”
Stay Ahead with Kroll
Cyber and Data Resilience
Kroll merges elite security and data risk expertise with frontline intelligence from thousands of incident responses and regulatory compliance, financial crime and due diligence engagements to make our clients more cyber- resilient.
Cyber Risk Assessments
Kroll's cyber risk assessments and advisory services deliver actionable recommendations to improve security, using industry best practices & the best technology available.
Cloud Penetration Testing Services
Kroll’s team of certified cloud pen testers uncover vulnerabilities in your cloud environment and apps before they can be compromised by threat actors.
Kroll Responder
Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.
24x7 Incident Response
Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.
