A lot of time has passed since when nobody thought it was worth spending money to secure information systems on the Internet. In the end, information systems had been within the company perimeter for decades, why waste money to protect something that had never been threatened?
Today, information security is one of the costs of doing business: you need a legal counsel, a general liability insurance policy, a labour consultant, and someone you trust to help protect sensitive data and comply with the rules (GDPR, PCI, just to name a famous couple).
A security consultant used to be a guru, today he is a professional helping his customer sharing his specialist knowledge.
There is no more need of gurus, security is (or, it should be) one of the components in the design of every process or application.
If security is a mundane task, there is no need to compete to be the guru of the gurus, like it was in the early days.
So our primay partners are the ones we would have defined as competitors 15 years ago: companies like ours, sometimes competing with us, sometimes sharing with us a complex project. People we know since many years, people we trust and, hopefully, peole who trust us.
Our other partners are technology vendors. We have a very small number of partners, partly because we decided to focus on niches, partly because we tend to develop a deep relationship with our poartners: we share our market and customer knowledge with vendors, they share their knowledge of the technology with us.
At the moment our partnerships cover End User Awareness and Training , cryptographically secure information sharing, endpoint protection (ransomware is everywhere) and the backup of endpoints (windows, linux, iOS, android, Mac…)