We create methods and tools for building security culture and awareness.

Cybersecurity Culture is Good for Business

Innovative organizations are built on trust and transparency. They move fast because they share information effectively and trust everyone to make good decisions. Cybersecurity has long stood in the way of that. Strict rules and policies don’t work, because they don’t apply to every situation. Making the security team review and decide everything slows business down and often makes security an afterthought. If you want your entire organization to make responsible decisions when it comes to data and technology, risk awareness is not enough. Everyone needs to be trusted to make good decisions, even when the security team is not watching. They need to have the tools and support to make those good decisions. That’s what security culture is about: security is everyone’s job and everyone is trained and empowered to take that ownership.


Managing cybersecurity risks effectively does not have to cripple your organization by adding hierarchy and bottlenecks. Even a nimble low hierarchy organization without full-time security people can achieve security certifications. We know, because help startups achieve them.


Are your customers or investors asking you to do something about cybersecurity? Are you responsible for cybersecurity and would like to get the rest of the organization onboard?


Book a free 30 - 60 min consultation call with us, we’re happy to share our thoughts and ideas.

Easy to Use

CyberCoach

CyberCoach helps security teams achieve more with less. Awareness training, 24/7 help and support, building and measuring security culture all in one app. Check out our product website for more information.

CyberCoach Gif

Threat Modeling

Ciso as a Service

Give a man a fish and you feed him for a day; teach a man to fish and you feed him for a lifetime.


That’s how we think of risk assessments. In today’s fast-paced world organizations need to experiment and quickly and continually try new things. Risk assessments need to be part of every teams’ and individual’s daily decision-making. Security professionals can’t always be there. Your organization is the best expert in what you do and by teaching you to understand the risks, you’ll always make the best calls.


Our business threat modeling canvases integrate assessing risks to security, privacy and business continuity with assessing risks to sustainability, corporate social responsibility and data ethics. We’ve designed canvases to support decision-making from individual team-level to corporate board-level.


If you give us 30 minutes, we’re happy to show you in practice how our canvases work.

Chief Information Security Officer as a Service (CISOaaS)

Short on security hands? A CISOaaS monthly subscription can temporarily fill the gap. You get a dedicated, experienced senior team member and access to a whole team of domain experts (incl. data privacy and legal) when needed. All our methods, policy and process templates, tools and canvases, including CyberCoach for online awareness training, are included in the flat monthly rate as well. They are based on industry best practices and will help you maintain or attain security certifications such as ISO/IEC 27001 or SOC 2/3 compliance.


Your CISOaaS works with your organization to build skills and security culture. While doing this, we’re extra happy to coach and train your future CISO, if you have or get someone internally that would like to grow into those boots.


CISOaaS plans start at 5 000 € / month. Available remotely anywhere in the world. No fixed length contracts, cancel anytime.

Ciso as a Service

Let's Talk

We want to make this as effortless for you as possible, but we also want to respect your privacy.


Calendly makes it really easy for you to schedule a call with us. But unfortunately this requires you to provide Calendly with some details and cookies (unless you have blocked them in your browser).


Calendly is a U.S. company, and stores all it’s data there, so if you’re from the EU or otherwise uneasy with that --> just email us at bookademo[at]cultsecurity.com with a couple time slot suggestions and we can set up a call or online meeting on your choice of platform.

Meet the Founding Team

Cult Security was founded by Maria Bique, Teemu Turunen and Mikko Toivanen. Combined these three have over 50 years of experience in the intersection of tech and business.

Maria's background is a mix of information security, emerging technologies, digital strategy and transformation. She has lead a security awareness organization at the largest Nordic bank, as well as held business unit and program lead as well as CxO advisor roles across various industries. She is also a recognized expert in data privacy and information security.

Teemu has run IT and security development in various organizations ranging from startups to governments for the last couple decades. Teemu has extensive experience with rationalizing various security standards and developing various kinds of robots.

Mikko is an experienced software architect and application development leader. For the past number of years he has focused on leading agile development teams and building security aware experimentation and innovation in organizations of all sizes.

Each of us in our technology leadership roles have felt the pain of old security rules not applying to modern digital development. It simply can't be about security professionals continuing to act as gatekeepers that decide what others can do and how they can do it. In modern fast-paced organizations everyone is a decision-maker, and every decision involves data. Solutions that enable everyone to make good decisions with data and technology are needed. Cult strives to create those solutions.

About Cult Security

Our Story

Timeline