Please ensure Javascript is enabled for purposes of website accessibility About Our Cybersecurity and Risk Assessment Consultants | Consilience 360 | USA
top of page
Consilience 360 Unifying Business, Science and Security

about

Our efforts are discreet, our methods are scientific, and our conclusions are evidence-based.  

We always function as a trusted advisor and source of ground truth for boards of directors and senior executives.

 

Our mission is to help clients secure their critical information assets, and to facilitate effective security governance.

Consilience 360 (C360) is an owner-operated, closely held security risk management consulting firm based in New York City. Co-founded in 2022 by Ed Stroz and Carl Young, C360 provides trusted security risk management and governance advice to boards of directors, corporate officers, and corporate committees. Our clients include global IT firms, publicly traded software companies, and prominent international law firms.

A key element of our practice is helping organizations navigate increasingly challenging legal and regulatory landscapes. To that end, we have been engaged as expert witnesses in some of the highest profile cybersecurity litigation and US government enforcement actions. Our significant experience addressing high-risk security scenarios and overseeing dozens of computer-related investigations is a foundational element of our unique advisory capability.

operational principles

C360 also specializes in performing rigorous security risk assessments and revealing the security implications of complex operational scenarios. Where possible, we provide meaningful quantitative results by leveraging physical science and/or established statistical methods. We also evaluate the effectiveness of security technology, and are particularly adept at assessing systems whose performance is affected by natural phenomena.

Importantly, our cybersecurity risk assessments evaluate both technical and organizational risk factors, which yields a more fulsome and contextualized view of IT environments. These risk factors include those affecting the physical security of information assets and the susceptibility to remote network attacks. Notably, our recommendations are always based on objective criteria that help substantiate governance decisions and potentially limit legal and regulatory exposure in the event of a data breach.
 

Effective security governance ensures the organizational culture, business operations and cybersecurity risk management are in sync and aligned with the tolerance for risk.

Identifying technical vulnerabilities is necessary but not sufficient to effectively manage cybersecurity risk. Processes, workflows and culture contribute significantly to the magnitude of risk.

Cybersecurity risk is scale-dependent and therefore requires both macroscopic and microscopic assessments to address root causes and individual vulnerabilities, respectively.

experience

Although our work is strictly confidential, we are routinely requested to opine on topical issues as acknowledged security experts. Our articles have appeared in well-known publications such as The Harvard Business Review and The Financial Times, and our multiple reference books and technical papers in peer-reviewed journals are regularly cited by security professionals.

We are experienced former FBI agents who have worked in academia, government and business. Our experience includes:

Founder and Co-President of digital forensics and cyber consultancy Stroz Friedberg LLC. Acquired by Aon in 2016

Global Head of Security Technology for Goldman Sachs in New York and London

FBI senior executive who was awarded one of the highest civilian awards for technical contributions to counterintelligence and counterterrorism investigations

FBI Supervisory Special Agent who was in charge of the first cybercrime squad in New York

Advisors to the US government, major institutions and blue ribbon commissions

Dozens of complex security engagements in support of high-profile cybersecurity matters

Numerous books, peer-reviewed journal articles, public presentations and expert testimony

Member of the Fordham University Board of Trustees and consultant to the JASON Defense Advisory Group

CIO and CTO for The Juilliard School

Finally, our historical success in helping clients fulfill their cybersecurity oversight and governance responsibilities explains why in a world where formulaic security risk management is the norm, cyberattacks persist, and board members are held personally liable for data breaches, C360 is in demand as a trusted security risk management advisor.

BIOS

Selected Publications and Presentations

Science and Technology of counterterrorism.jpg
risk and theory of security risk assessment.jpg
information security science.jpg
Metrics methods security risk mgmt.jpg
Cybercomplexity.jpg

E. Stroz -Panelist

"Cyber from the Perspective of the Board" 

Panel discussion hosted by The Journal of Law and Cyber Warfare, November 10, 2020

E. Stroz - Author

"Ensuring Your Board is on the Same Page Regarding Cyber Response. Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers"

Palo Alto Networks, United Kingdom, January 2017

C. Young - Author

"The Enemies of Data Security: Convenience and Collaboration"

Harvard Business Review, February 11, 2015

D. Chang and C. Young - Authors

"Probabilistic Estimates of the Vulnerability to Explosive Over-pressures and Impulses"

The Journal of Physical Security," Vol. 4, Issue 2, 10-29, 2010

D. Chang and C. Young - Authors

"Infection Dynamics on the Internet"

Computers and Security, Vol. 24, No. 4, 280-286, 2005

bottom of page