Pine Risk Management

Rooted In Excellence

 

We Believe: Better decisions lead to better business.
Effective Risk Management reduces uncertainty, increases

confidence, and brings your business peace of mind.

 

At Pine Risk Management, we are dedicated to making security

simpler, more accessible, and attainable for all through research,

education, and consulting with a through line of excellence in everything

that we do.

Mission

We ignite progress in the security industry to protect our clients and communities.

Vision

To be a source of truth and progress within the security and risk management industries, while supporting the growth of our peers and maturity of our profession.

Values

Our core values center around Excellence, Stewardship, Integrity, and Creativity. Each has sub-values that help steer our daily decisions and actions as a company. We take committed actions to align and espouse our values in everything we do. See our values below. 

Our Values

Excellence

Striving to be the best at what we do and providing the highest quality products and services. Constantly seeking to learn from those that are better.

Accuracy

We are obsessed with getting things right, tracking when we are not, and improving our process to be your most accurate partner. We do not rely on gut feelings or years of experience, instead we follow evidence, data, case studies, and benchmarking to find solutions that work. We carefully track our decisions and their outcomes to constantly improve our craft. We provide effective recommendations while holding ourselves responsible for outcomes.

Lead by Example

Practice what we preach as the lighthouse model in security research, consulting, and information-sharing.

Stewardship

Security professionals are in a privileged position to build safer, more prosperous communities. We are entrusted to protect, and it is our duty to be accurate, innovative, capable, and creative in that pursuit.

Everyone Deserves Security

Security is a human right. Everyone deserves to be and feel safe and secure.

Integrity

We uphold the highest ethical conduct, doing what’s right because it’s the right thing to do. We know ourselves and our moral principles, and we fiercely uphold them in our practice. We operate in a manner that is morally sound and socially responsible.

Transparency

We don’t hide behind complexity or maintain proprietary secrets. We create opportunities for anyone to pursue tools and education that can affect their security peace of mind and their bottom line. We strive to bring the open source mentality to the physical security profession.

Openness

We maintain open minds and broad perspectives, reveling in debate and eager to be proven wrong. We espouse learning mindsets and we seek out dissenting opinions.

Creativity

We are inventive and develop creative solutions to meet customer needs. When we go with standard or cookie-cutter solutions, it’s because they are empirically better, not because it is the industry norm, generally accepted practice, or expected outcome.

Innovation

We experiment, innovate, and open source key concepts to bring innovation to security spaces. We elevate and expand academic research and education around red teaming, risk management, and security. We have a global mindset and develop creative solutions that are scalable regardless of geography.

Diversity

Diversity of opinions, backgrounds, perspective, and experience leads to better decisions, better ideas, and better outcomes.

Pine Priorities

Our Committed Actions

Excellence & Integrity

Our child-values include Leading by Example, Accuracy, Openness, and Transparency. Our committed actions to ensure we operate by these values include:

Lessons Learned Register

PRM will publish a Lessons Learned register to share information, root cause analysis, and important lessons that we want our peers to learn the easy way. These lessons learned include both internal and external incidents. Internal data means lessons that PRM has learned while conducting red team assessments or consulting. External lessons include those learned by our clients and peers – with their permission to anonymize and publish – that they wish they knew prior to learning the hard way. All lessons are open sourced and available to be used, shared, and expanded upon by security professionals.

Locks & Leaks

Each month Pine Risk Management’s leadership open-sources more information about Physical Red Teaming (PRT) to move the industry towards a more open and transparent model where resources, information, successes, stories, and lessons learned are shared among practitioners and students.

Quarterly Quality Review

Quarterly PRM meets for a Quality Assurance summit where we review our recommendations, intelligence, decisions, and other actions taken by the company to identify lessons learned, identify opportunity for improvement, and conduct root cause analysis on any issues.

Stewardship & Creativity

Our child-values include Everyone Deserves Security, Innovation, and Diversity. Our committed actions to ensure we operate by these values include:

Pro-Bono Assessments for Non-Profits

PRM regularly conducts pro-bono assessments for non-profit organizations. Everyone deserves security, not just large entities with the money to hire security professionals or consultants. This is why each month PRM offers advice, consulting, assessments, liaison services, and other security assistance to social good organizations within the community. We want to free these organization of security concerns so they can focus on their mission of helping people. If you know of an organization in need of security assistance, please ask them to email info@pinerisk.com for more information.

Teaching

PRM’s founders are involved in teaching, advising, and expanding red team and security professionalism across academia. From speaking at conferences, to teaching red teaming and risk management to graduate students at Universities across the U.S., PRM seeks to expand access to the security field to all that are interested. 

Consultant Network

Our consultant network will always consist of individuals of diverse background, experience, knowledge, expertise, opinion, and approach. We will re-assess our consultant network quarterly to prevent groupthink or hegemomy.

Our Growth

“When you’re surrounded by people who share a passionate commitment around a common purpose, anything is possible.”

Howard Schultz, Starbucks