Wesley Bull, CEO, Sentinel Resource GroupWesley Bull, CEO
While possibilities for cyber attacks widen with advancements in technology and diverse actors, businesses are racing to keep pace with the velocity of ever-evolving cyber threats. The greatest dangers of a cyberattack are reputational risk and compromise of sensitive data, alongside financial and legal ramifications. This highlights the need for chief security officers (CSOs) and chief information security officers (CISOs) to implement stringent contingency plans and response strategies. Additionally, with the convergence of physical security and cybersecurity, companies are looking for a trusted advisor to make concerted efforts in strategically addressing today’s multi-dimensional and sophisticated security threats environment.

This is where Sentinel Resource Group (SRG) comes into the picture. Serving companies across diverse industry sectors, SRG has positioned itself as a strategic advisor to the board and the C-suite on enterprise security risk management. “While there are a significant number of providers in the advisory space, what truly differentiates us is the fact that we look at the threat matrix through an integrated enterprise risk lens and not just in the silo of cybersecurity,” says Wesley Bull, CEO of Sentinel Resource Group.

Headquartered in San Jose, California, SRG also has offices in Los Angeles and Washington, D.C. Although SRG’s customer base consists of global corporations, it predominantly caters to high-growth, middle market companies seeking strategic advice to design and develop their security and safety programs intelligently, rather than arbitrarily.

The Beginning Chapters

Bull brings a wealth of diverse experience to push the envelope of enterprise security risk management. Beginning his career in law enforcement and public safety, Bull received advanced training in a variety of specialized investigative domains, including cybercrimes. He worked in multi-agency task force assignments, which included investigating internet crimes against children, money laundering and financial crimes with a nexus to cyber. This eventually led him to working as a contractor for an agency within the United States Intelligence Community, where he was able to apply his uniquely integrated skills and experience to specific national security issues. Bull successfully transitioned to the private sector, where he worked as the top security executive (CSO/CISM) with preeminent organizations like First Republic Bank and NVIDIA Corporation. The increasingly complex security risk environment, coupled with the lack of strategic convergence to address enterprise security risks greatly informed his decision to move toward entrepreneurship. “Consequently, I founded SRG, placing an initial focus on the intersection of national security concerns with global business,” notes Bull. Today, SRG serves as an enterprise security risk advisory firm that offers strategic consulting, assessments, specialized staffing, and program development solutions.

Comprehensive, Holistic Risk Management: SRG’s Recipe for Excellence

SRG is often sought out to provide strategic guidance focusing on the convergence of physical security and cybersecurity in terms of program design and maturation. “Approaching enterprise security risks in an integrated and holistic fashion can result in better investment decisionmaking, improved risk mitigation, and more efficient and effective operationalization,” notes Bull.

Approaching enterprise security risks in an integrated and holistic fashion can result in better investment decision-making, improved risk mitigation, and more efficient and effective operationalization

When it comes to preemptive incident response planning, the company guides the board and the C-suite to navigate the broader impacts of a security event on the brand. For instance, organizations might need to make critical decisions about whether to pay a ransom after a ransomware attack. They must consider a number of factors—“What are the legal implications to the organization, given the posture by the U.S. government about paying ransomware?” “Are we required to alert the SEC, or other regulators?” This is where SRG’s holistic approach to enterprise risk advisory comes in. “Our organizational DNA is like that of a task force model, wherein we curate cross sections of expertise from different verticals. At SRG, we have assembled a team from a collection of diverse disciplines. This enables us to offer strategic advice that’s uniquely differentiated from our competitors,” shares Bull.

This integrated and aligned approach enables SRG to more effectively look around corners and anticipate events and implications from a decision-matrix perspective. “With regards to strategic and proactive engagement, we're not typically brought during an incident in crisis mode. Rather, we are engaged by C-Suites and boards to understand the challenges they are facing to advance their enterprise security program, being mindful of the business plans and culture of the company,” comments Bull. Notably, SRG assesses the culture of client companies at the forefront of their engagements, and dissects the elements of the corporate culture that can get in the way of advancing a particular program. The company also works through a strategic framework to advance the security program in a meaningful way. This further distinguishes SRG from other advisory firms that lay emphasis solely on their technical acumen.

Paving the Path for Customer Success

As a testament to SRG’s robust capabilities, Bull recalls the success story of one of their clients, a Fortune 50 global technology company. The client faced a wide range of risks while working on a unique project to deploy a charter high school, focusing on science, technology, engineering, and mathematics (STEM) education, amid its corporate campus. Although they had already decided to establish the school and invested millions of dollars in a state-of-the-art facility on the campus, they had not worked through all the potential repercussions of deploying such a capability.

The idea was that students in the STEM program would not only transit between their classes in the high school facility on the campus but also go and incubate work on real-life STEM projects with the tech company. Taking all risk vectors into account, SRG helped the client anticipate and understand the operational implications transcending both physical and digital considerations. For instance, on the physical side, there are gyms, a pool, locker rooms, and more on the campus. This certainly raises a question about the potential dangers of mixing adults with children in locker rooms. There might be certain employees that are registered sex offenders and could introduce risk to children. The employee might also be in a compromising situation because they could potentially be in violation of their status. On the digital side, SRG discerned the ill effects of exposing children to age-inappropriate content or images. Also, the client could incur cybersecurity risks because of allowing children into the corporate network environment. Thinking through all parts and pieces holistically, SRG helped the client better contemplate security risks and enable the operationalization of this program.

SRG continues providing strategic insights on the best ways to mitigate emerging security risks to their clients. The firm is actively advising a digital payments company on the design of a fusion center model merging fraud, cyber, physical and insider threats, among others. And given the significant adoption of hybrid work environments borne from the pandemic, SRG is closely working with clients to help them deliberate on emerging security and legal risks that arise from global use of co-working spaces. “We are humbled to be entrusted to help such iconic companies better protect their people, places, and things,” remarks Bull.