About Pharos

Why Pharos?

The Lighthouse of Alexandria (also known as the Pharos of Alexandria), built in ~284BC, was constructed to guide ships – during challenging visibility or unfamiliar waters – to the safe haven of the Port of Alexandria.

Similar to how lighthouses are used globally to alert of threats, and guide vessels to safety, Pharos guides organizations, globally, toward greater confidence and safety in challenging cyber operational environments.

Pharos enables leadership and management teams to keep on top of their global cyber risk, and to justify the actions and costs of cyber security operations to control that risk.

Pharos Genesis

“I built the capability I needed when I ran SecOps in a global organization” – Douglas Ferguson, Pharos’ founder

After my first 13 years as a professional security expert – developing vulnerability scanners, firewalls, and IDS technology, and consulting to over 200 organizations globally as a member of the Internet Security Systems / IBM X-Force – it became clear there was a huge gap between ‘doing security’ and ‘protecting the vital interests’ of an organization.

But why does this gap exist?

In 2008 I jumped on an opportunity to figure this out from the inside. I moved overseas and joined the rebuild – from essentially scratch – of a global enterprise security program. My strategic objectives were to discover and understand the forces at play, behind the scenes, that most influence executive, management, and operational perceptions of success.

After several years, and incredible exposure, it was crystal clear that the cyber security and risk industry – including vendors, institutes, governments – has failed to address – even acknowledge – a critical set of success factors. And, insidiously, the time and space to perceive, consider, and tackle these issues, organizationally while inundated with the day-to-day of SecOps, has meant the solution hasn’t come from the inside.

There is a myriad of blame – actually, red herrings:

Was it lack of budget, technologies, or experts? Was the CISO not given enough of a chance? Was is just impossible to be successful because threats change too quickly?

These are all very intuitive considerations. But, they are not the cause, they are the symptoms of the larger problem.

Pharos has created a system to tackle this problem. To cross the communication and value-add-perception chasm between the CISO and SecOps and the C-suite and the Board.


Business as Usual

Pharos also deeply understands the need for “business as usual” while you look to implement new tools and services which is why our approach ensures that there is no disruption to your business and no need for deep integration of the platform on the client side.


We can start small to prove how this will work in your environment.


We deliver value in weeks.


We seek specific info using simple and uncomplicated methods.


We minimize your team’s time investment.


No activity will cause business disruption.


Douglas Ferguson

Douglas Ferguson

Founder and CTO

A security professional of over 20 years. Doug was with a Global Bank, where he was responsible for numerous security programs and initiatives across more than 40 countries. Ferguson was a Managing Consultant and researcher on the acclaimed X-Force at Internet Security Systems. He delivered security services to more than 200 clients globally and was a co-creator of the breakthrough System Scanner technology.

Communicate with the C-Suite in Business Terms

Translate the jargon of Security into Protection stories that resonate with the C-Suite.

Measure and Optimize Security ROI

Strongly connect the costs of Security to levels and types of Protection.

Guide an Informed Risk Appetite

Model Protection-Cost options and produce detailed SecOps action plans.

Measure and Track SecOps Performance

Leverage a comprehensive KPI suite to qualify and quantify SecOps. Centralize and curate the artefacts of SecOps.