Coalfire: Maintaining Compliance Standards while Reducing Cyber Risks

Rick Dakin, CEO & Chief Security Strategist
The altercation with a cyber risk environment for companies that strive to transform into digital businesses of the future is inevitable. The need of the hour is an advanced risk management capability; one that is nimble enough to help companies recover fast from attacks as well as improve their future defense capability. This is where Coalfire steps in, providing IT audit, security assessment, and IT compliance management solutions. “We constantly evaluate threats that emerge from current technology trends like cloud and mobile, and combat it with services that include deep technical assessment and compliance solutions,” informs Rick Dakin, CEO and Chief Security Strategist, Coalfire.

Focusing primarily on risk management, all of Coalfire’s solutions are issued after thorough consultation. “We do not offer premeditated solutions, but rather technology tools that are a perfect fit for a particular business issue,” says Dakin. Also, since the company narrows its services to cyber risk and compliance, their expertise runs deep in technical skills, evaluation, and mitigation of risks. In line with this, Coalfire offers the Federal Financial Institutions Examination Council (FFIEC) Assessment, which is designed to assist federally insured financial institutions with risk reduction, enable FFIEC compliance, and increase operational efficiency. “While our competitors engage in several services, at Coalfire, we believe in emphasizing and honing on our niche approach— independent cyber and compliance risk advisory,” he adds.

Conducting 1500 assessments and advisory engagements in a year, Coalfire has witnessed varied security threats. In response, the company has devised an innovative enterprise risk and compliance platform—Navis, which tailors workflow and communication. Navis comprises of a number of SaaS solutions that provide organizations protection against data breaches, while effectively maintaining compliance.
In addition, Coalfire also offers processes and consulting services that allow customers to be truly compliant to the Federal Risk and Authorization Management Program (FedRAMP) standard—which establishes secure and compliant cloud services for government agencies. Coalfire is a FedRAMP third party organization working with cloud service providers as assessor or advisor. “Our solutions assist in easy navigation through the FedRAMP templates and having conducted a large number of assessments, we provide an extremely streamlined method to get through FedRamp approval,” states Dakin.

In one instance, a large retail financial services company was challenged by a cyberattack. Their system was locked out because of ransomware and overnight, it accelerated into a million dollar problem. Having met the client's compliance standards for 7 years, the customer sought for Coalfire's help to mitigate the risks in their compliance programs. On request, Coalfire also conducted an end-to-end assessment of the different business functions specific to HR and legal. Although the probability of the client coming under attack still holds, they are now better off in their ability to defend against negligence claims. Coalfire’s ability to negate cyber and compliance risks also finds way into its name, which signifies the transformation of coal into fire.

Focusing primarily on risk management, all of Coalfire’s solutions are issued after thorough consultation

Currently, investing heavily in the market for growth equity capital, Coalfire has added 100-150 senior level cyber advisors. “The company is going to own the independent advisor role at the board and that’s our mission,” reveals Dakin. Coalfire also observes a massive growth potential in the cloud and plans on expanding their services to customers of Amazon, IBM, and VMmware.

(Rick Dakin passed away on June 22, 2015, couple of days after he gave the interview to CIO Review)


Louisville, CO

Rick Dakin, CEO & Chief Security Strategist

Provides IT audit, security assessment and IT compliance management solutions.