In an era where digital threats continuously evolve, the most resilient organizations do not merely react to risks—they deliberately chart their own course for protection. Yet too many leaders struggle with the overwhelming complexity of formalizing cybersecurity policies and standards. Without a clear, structured framework, teams waste time, overlook vulnerabilities, and leave the door open to preventable threats. At its heart, cybersecurity is not just about technology—it is about trust. And trust starts with clarity.
Every organization faces risks, but the difference between thriving and surviving lies in preparation. Prevention is not just cheaper than recovering, it protects your reputation, your relationships, and your mission. When your cybersecurity policy is not clearly setting the direction, the least path of resistance is taken. When information security standards are vague or outdated, small oversights can turn into big crises. The question is not whether you need a formalized and robust program; it is whether you can afford to leave preventable gaps unaddressed. Investing in clarity now means you will never have to explain why you did not later.
Over the last 15 years, I have guided dozens of organizations of every size and complexity through the process of formalizing a comprehensive, actionable cybersecurity foundation. This is not just theory, it is a tested, proven approach. Now, I have distilled this expertise into something that makes the process seamless for you. Through a simple yet powerful method, I personalize your cybersecurity policy and every standard for your environment, tailoring ready-to-use documents with your organization’s logo and context. In less time than you think, you will have a complete, approval-ready framework of materials and the confidence that your organization has built a solid cybersecurity foundation.
This is not about checking a box or meeting minimum compliance. It is about building a footing for resilience, demonstrating leadership, and taking proactive steps to ensure your organization’s long-term security. With a step-by-step guide to walk you through the process and contextualized artifacts customized to your needs, you are not just getting a minimalistic and generic approach; you are investing in prevention, peace of mind, and a stronger future.
However, creating your cybersecurity policy and standards is not the finish line, it is the foundation. Once you have gone through the program and and approved your customized policy and standards, you will uncover gaps where your current activities do not fully match the expectations you have now set. That is not failure—it is progress. These gaps give you the clarity to develop that three to five year roadmap you have been struggling to define, guiding you through the work needed to bring your practices in line with your goals. Think of the policy and these standards as your line in the sand—a clear declaration of where your organization stands and where it is going. But make no mistake, this requires commitment and a considerable effort. Building a resilient cybersecurity program is significant work, but with this material, you will have a rock-solid foundation to start from and a clear path forward.
Investing in your cybersecurity foundation is not just a smart decision—it is a strategic one. For a fraction of the cost of bringing in an expert to build everything from the ground up, this program equips you with the tools, guidance, and clarity to take ownership of your organization’s security program. It is an opportunity to act decisively; to step into the future prepared and confident. The real question is not whether this is worth the investment—it is how much longer you are willing to leave your organization’s security to chance.
The materials have been arranged in the following three tiers.
CORE
Every great cybersecurity program begins with a strong foundation. The Core tier provides the clarity and structure needed to establish your organization’s baseline standards. It is about defining what matters most, setting the expectations that will guide your team and creating a unified starting point for your journey. This tier is ideal for organizations ready to take their first step toward formalizing their approach to cybersecurity with confidence and purpose.
PLUS
Building on the core, the Plus tier takes your program to the next level by focusing on alignment and refinement. It is designed for organizations ready to move beyond the basics, addressing the nuances of their unique environment while identifying opportunities for growth. This level provides the momentum you need to deepen your commitment and ensure your practices reflect the complexity of the challenges you face.
As a special bonus, with this tier, you will also receive an autographed copy of CyberDynamX to deepen your understanding and continue your cybersecurity journey. This is not just about securing your organization—it is about becoming a leader in cybersecurity.
PRO (coming soon)
The Pro tier is for organizations ready to lead. This is where strategy meets execution—where your standards become a transformative force in how your organization approaches security. It is not just about policies; it is about embedding cybersecurity into your culture and setting the bar for resilience and trust. For those ready to take ownership of their future and rise above the competition, this tier provides the tools to make that vision a reality.
With the Pro tier, you gain much more than just the tools to formalize your cybersecurity program—you gain a clear, actionable roadmap for success. You will receive up to three one-hour sessions with Curtis Blais, the author of CyberDynamX, to dive deeper into any aspect of the program, clarify complex concepts, or get personalized advice tailored to your organization’s unique needs. These sessions are designed to empower you with the knowledge and confidence to lead your organization toward long-term cybersecurity success.
As a special bonus, with this tier, you will receive not one, but two signed copies of CyberDynamX. One copy is for you to continue your cybersecurity journey, and the other is for someone else who may be struggling with the same challenges. Share the gift of insight and security leadership, and help others elevate their cybersecurity game. This journey is not just about securing your organization—it is about leading the way in the ever-evolving world of cybersecurity.
| Feature | CORE | PLUS | PRO |
|---|---|---|---|
| Cost | $5,000 | $7,000 | Coming Soon |
| Document Customization |  | | |
| CyberDynamX Book | x1 | x2 | |
| Live Consultation | 3x 1hr sessions | ||
| POLICY Digital Security | | | |
| STANDARD Acceptable Use | | | |
| STANDARD Account Lockout | | | |
| STANDARD Backup | | | |
| STANDARD Cryptographic Key Management | | | |
| STANDARD Data Classification | | | |
| STANDARD Data Encryption | | | |
| STANDARD Data Transmission | | | |
| STANDARD Database Security | | | |
| STANDARD Electronic Media Disposal | | | |
| STANDARD Guest Wireless | | | |
| STANDARD Logging & Monitoring | | | |
| STANDARD Malicious Software Prevention Detection Eradication | | | |
| STANDARD Mobile Device Management | | | |
| STANDARD Network Security | | | |
| STANDARD Passwords. | | | |
| STANDARD Privileged Account Creation & Management | | | |
| STANDARD Privileged Account Creation & Management | | | |
| STANDARD Remote Access | | | |
| STANDARD Risk Management | | | |
| STANDARD Security Incident Response | | | |
| STANDARD Security Training & Awareness | | | |
| STANDARD User Account Creation & Management | | | |
| STANDARD Wireless LAN | | | |
| STANDARD Zones Architecture | | | |
| STANDARD Cloud Vendor Security | | | |
| STANDARD Data Residency | | | |
| STANDARD Data Retention | | | |
| STANDARD IT Change Management | | | |
| STANDARD Major Risk Travel | | | |
| STANDARD Physical Security | | | |
| GUIDELINE Passphrases | | | |
| GUIDELINE Risk Register Operation | | | |
| GUIDELINE Major Risk Travel | | | |
| GUIDELINE Segregation of Duties | | | |
| PROCEDURE Exception Request | | | |
| PROCEDURE Risk Management | | | |
| PROCEDURE 3rd Party Disclosure | | | |
| PROCEDURE IT Change Management | | | |
| PROCEDURE Security Incident Response | | | |
| MORE (Coming Soon) | |
If you’re looking for someone with that rare combination of character, vision and leadership, who can still roll up their sleeves to get things done, meet Curtis Blais.
President
SC Canada Services Inc.
Curtis is one of the most creative mind I know, and taught me to think outside of the box…
Senior Security Consultant
TELUS
Your work has been sooo helpful!
Director, Information Technology
Olds College
Curtis is a strategic 21st Century thinker and doer and he has a vision that captures the imagination. Curtis is a highly regarded leader in the security community.
CSO / Canadian Security Director of the Year
TELUS
I’ve had the privilege of working with Curtis on some really cool things this past year. He’s a trusted source, whip smart, super humble, and an all-around great guy. If you’re employed in any cyber security role regardless if you’re just starting out or have a few battle scars, his book is probably something you want to add to your library.
Director, Cybersecurity & CISO
MacEwan University
I've never worked with a person with more integrity.
Information Security Analyst
AIMCo
Curtis is the definition of professionalism. He is one of the most knowledgeable professionals it is my pleasure to know in the areas of Security and Compliance.
He is a visionary…
CTO
ATB Financial
Curtis is a pragmatic strategist who emphasizes risk reduction and digital resilience by implementing effective controls in key areas to thwart one's adversaries.
Field CTO Cybersecurity
Cisco Canada
I believe the book is well positioned to be a thought-leader and practical guide for organizations looking to establish a solid security posture. I love how the book transcends the commercial and not-for-profit sectors, and is applicable to companies in Canada, the US, and internationally. Highly recommended and worth every penny!
CISO
MRNET
I wish that I’d had this book when I was starting out in cyber security. It would have saved me from making many common and uncommon mistakes, leaving me free to find new and creative mistakes of my own to make.
Chief Information Security Officer
University of Northern BC
I'm a practical person, and I don't like to fall into excessive praising, but I chose my words lightly when I say you were very inspiring.
Sr. Consultant/Manager
KPMG
…you speak with humility, something that makes you very approachable, especially to people who may not have the confidence of those more established in the field. Cybersecurity needs more people like you.
Chief Information Security Officer
University of Northern BC
I have been consistently impressed by Curtis' professional competency and solid knowledge in the IT security, compliance and governance disciplines.
Sr. Manager
Alberta Blue Cross
Much of your work regarding IT Security Governance has remained as the foundation for effective operations. And it provided an excellent foundation that we could expand upon. Your great work, and its cumulative impacts, set us up for future success in a lot of regards. Also, our Enterprise Architect is a big fan.
Director of Information, Risk & Compliance
NorQuest College
Curtis’ leadership and guidance in advancing cybersecurity programs within Canada’s higher education sector highlight his deep expertise in risk management and his commitment to high standards.
Chief Information Security Officer
British Columbia Institute of Technology
He always demonstrates professionalism in every facet of business and has a proven record of success as a leader…
Director, National Solutions Delivery
TELUS
Curtis is a leader, humble, creative, and has a tremendous amount of integrity.
Team Manager
Alberta Blue Cross
Curtis has proven to be a strong and highly knowledgeable professional who has served our organization very well…
CIO
Alberta Blue Cross
I still have the materials and lessons learned from the leadership program you did for us!
Manager Server Infrastructure & Operations
Alberta Blue Cross