Over 20 years of experience delivering transformative results.
Kuma is a global privacy and security consulting company. We pride ourselves on bringing progressive best practices for optimal success to every client, staffing each project with senior-level resources, and delivering influential thought leadership through strong industry relationships and quality partnerships.
Kuma has successfully delivered projects across numerous markets, including federal, state and local, commercial, and international sectors offering a wide range of services grounded in the governmental security and privacy standards of our client’s jurisdiction.
Our Services test
Strategy and Program Development
An Important First Step in Transitioning Your Organization to a World Class Privacy and Security Model
Kuma has the credentials and expertise to help you develop a best of breed privacy and security program and make a deliberate commitment to security and privacy excellence.
Privacy, Security and Identity
Better Decisions Means Better Outcomes
Kuma will work with you to conduct privacy risk assessments for your organization, programs, and technological solutions and provide insight into privacy implications for individuals and the organization, offering the opportunity to make risk-informed decisions.
Incident Response Management
Don’t Wait Until Data Gets into the Wrong Hands to Act
Kuma offers unparalleled expertise to guide an organization through a methodical organizational plan for the prevention of, planning for, and readiness to react to an unauthorized acquisition of data that compromises the security, confidentiality or integrity of personal information collected, processed, stored, transferred or disposed of by the organization.
Training and Awareness
A Major Determinant of Success for Your Security and Privacy Program
Developing a sound security and privacy program is a crucial step in establishing a culture of privacy and mitigating harmful and costly risks. Without company-wide training and awareness, you run the risk of low levels of stakeholder adoption and insufficient understanding of its importance. We’ve taken our personalized approach to security and privacy risk management and applied it to trainings, offering easy-to-implement training packages for your team. Fully customized to your needs and the issues of your industry, our training provides lasting education and a better value for your money than regular e-learning. Visit the Training page to sign up.
Digital Identity Certifications & Trustmarks are Not Just for Government Business Anymore: Why Risk Future Business Without Them?
As one peruses various vendor websites in the global identity and access management industry, words like "security", "trust", "privacy", and "secure" leap off the home pages. While each vendor does its best to differentiate itself from the pack, buyers are challenged to identify the “haves” from the “have nots” when it comes to meeting their unique internal or customer requirements, or complying with regulations in the jurisdictions they do business in.
Beyond the Buzzword: What is the ‘Zero Trust Model’ and Why is it Essential?
To help understand the relatively new concept of the Zero Trust Model when it comes to data privacy and security, think of something very old: a castle from the Middle Ages. The traditional approach to security called for high walls, a moat, and a drawbridge all meant to fend off an outside attack. Those allowed inside the castle walls were considered trusted and had unchecked access. Applying the Zero Trust Model, the exterior barriers would remain, but additional interior measures would track everyone’s movements throughout the castle and reconfirm authorization prior to accessing any room.
Consent is the "Little Black Dress" of Privacy
Just as the LBD could be considered an anchor of a woman’s closet – if not of the women’s fashion world in general – consent could be argued to be the LBD of the privacy world. Every organization collecting personal information needs consent to do it. It’s the baseline authority mechanism for collecting, processing, storing and transferring that personal information. Consent is needed by government agencies, financial services companies, healthcare organizations, cloud communication providers, ride share platforms, online retailers, and everything in between.