Over 20 years of experience delivering transformative results.
Kuma is a global privacy and security consulting company. We pride ourselves on bringing progressive best practices for optimal success to every client, staffing each project with senior-level resources, and delivering influential thought leadership through strong industry relationships and quality partnerships.
Kuma has successfully delivered projects across numerous markets, including federal, state and local, commercial, and international sectors offering a wide range of services grounded in the governmental security and privacy standards of our client’s jurisdiction.
Our Services test
Strategy and Program Development
An Important First Step in Transitioning Your Organization to a World Class Privacy and Security Model
Kuma has the credentials and expertise to help you develop a best of breed privacy and security program and make a deliberate commitment to security and privacy excellence.
Privacy, Security and Identity
Better Decisions Means Better Outcomes
Kuma will work with you to conduct privacy risk assessments for your organization, programs, and technological solutions and provide insight into privacy implications for individuals and the organization, offering the opportunity to make risk-informed decisions.
Incident Response Management
Don’t Wait Until Data Gets into the Wrong Hands to Act
Kuma offers unparalleled expertise to guide an organization through a methodical organizational plan for the prevention of, planning for, and readiness to react to an unauthorized acquisition of data that compromises the security, confidentiality or integrity of personal information collected, processed, stored, transferred or disposed of by the organization.
Training and Awareness
A Major Determinant of Success for Your Security and Privacy Program
Developing a sound security and privacy program is a crucial step in establishing a culture of privacy and mitigating harmful and costly risks. Without company-wide training and awareness, you run the risk of low levels of stakeholder adoption and insufficient understanding of its importance. We’ve taken our personalized approach to security and privacy risk management and applied it to trainings, offering easy-to-implement training packages for your team. Fully customized to your needs and the issues of your industry, our training provides lasting education and a better value for your money than regular e-learning. Visit the Training page to sign up.
What’s All the Buzz About Digital Identity in Canada? Come On, Microchip Implants Don’t Hurt That Much.
The misinformation and disinformation on this subject are laughable on the surface, but sadly it is regressive and detrimental to Canada’s ability to flourish in the 21st Century while competing nations embrace the digital economy. Canadians deserve better than to be held back by baseless claims of a small minority.
The FTC delivered a strong message to Drizly and its CEO: Protect That Data!
The FTC’s decision against Drizly and its CEO, James Cory Rellas, echoed loud and clear: the agency is serious about companies’ protecting consumer’s data privacy, and if a CEO is not going to have direct oversight of the data collected, you need to hire someone to do it for you.
Log4J Vulnerability Still Looms: What We Can Learn from the Past About the Current Risks
Around this time last year (December 9th, to be exact), Apache revealed information regarding a vulnerability with a risk 10.0 CVSS (the HIGHEST possible score). This issue was disclosed during the winter holidays, which is a particularly challenging time to effect technology changes within any organization.