Find Your SECCON | Critical Start
Webinar Series | Once More unto the Breach | Lessons Learned from Billion Dollar Breaches



Find a strategy that fits your unique business needs

SecCon: Security Readiness Condition

When it comes to security strategy, one size doesn’t fit all. At Critical Start, we listen to our customers to understand where you are today, define your specific security needs, and provide a recommended approach and roadmap to achieve your goals.

From compliance requirements to budget constraints to risk tolerance, there are many factors to consider when building your security strategy. With these considerations in mind, we’ve developed a unique approach to evaluating our customers’ Security Readiness Condition or “SecCon.” Some organizations have basic needs when it comes to security. Their goals and needs are simple. Others must contend with compliance requirements, but their budget is still limited. Some organizations must protect highly sought-after assets and require advanced security protocols and intense manpower and expertise. And some organizations fall somewhere in the middle of the spectrum.

Let Critical Start help you find your SecCon level.

SecCon Levels Defined


SecCon 5: Operational Security

Focus on operational security with minimal resources and budget allocated. Protection of digital assets is a low priority. Risk tolerance is high.


SecCon 4: Compliance

Cybersecurity needs are driven primarily by compliance requirements.


SecCon 3: Industry Standard

Security requirements are based on common practices for industry or peer group. Risk tolerance and resource investments reflect an industry-standard approach.


SecCon 2: Best Practice

Protection of digital assets is a priority and information may be targeted by hackers. Best-practice approaches to security and greater resource allocation reflect a lower risk tolerance.


SecCon 1: Advanced

Cybersecurity is a top priority. Attackers actively seek access to the organization’s information. Security investment and strategies are driven by a need to detect and effectively respond to sophisticated, targeted cyber attacks.

What’s Your SecCon Level?

Critical Start experts can help you define your SecCon Level as a starting point for building a custom security strategy that’s tailored to your unique needs.

This is not a maturity model but rather a desired outcome for an organization to match risk tolerance, budget, and threats of concern. The methodology is not to determine which products, if any, should be purchased. Instead, it represents a set of capabilities that lean heavily on the people aspect of security – good governance and processes along with a secure architecture and configuration.

  • Business Needs
  • Compliance Requirements
  • Risk Tolerance
  • Budget