Factor delivers a faster, smarter approach to managing AI initiatives with a focus on operational control requirements and liability.
At Black Hat 2025, cybersecurity and compliance leaders Christopher Strand and Jason Thompson officially launched Factor Cybersecurity, a company focused on helping organizations adopt AI securely while aligning with evolving governance, risk, and compliance (GRC) requirements.
Factor enters the market with a strong book of business and an ambitious product roadmap aimed at bridging the gap between AI adoption, security control assurance, and AI cyber-risk liability
“AI is transforming the world—but it’s also generating a wave of hype, shortcuts, and imitation,” said Jason Thompson, Co-founder and CEO. “Factor takes a different approach. We help organizations adopt AI with confidence by focusing on tangible outcomes and a clear path to managing AI-related cyber-risk and liability.”
Also Read: CIO Influence Interview with Dipto Chakravarty, Chief Product and Technology Officer at Black Duck
“AI is transforming the world—but it’s also generating a wave of hype, shortcuts, and imitation. Factor takes a different approach. We help organizations adopt AI with confidence by focusing on tangible outcomes and a clear path to managing AI-related cyber-risk and liability.”
As businesses embed AI and non-human identities (NHI) into core operations, traditional GRC tools struggle to keep up. Core to Factor’s solution is the ability to understand cybersecurity liability, particularly from new AI solutions. Most organizations are investing in policing their AI agents, but risk to the business has largely been ignored. Factor provides practical solutions that ensure both AI- and human-driven processes meet operational, security, and regulatory standards.
“AI-, human-driven, and NHI-driven processes all demand due care—and often, AI requires even more scrutiny,” said Christopher Strand, Co-founder and Chief Strategy Officer. “Factor was created to help organizations meet these challenges head-on, with services and tools that are audit-ready and regulator-aligned.”
Built for Now—and Built to Scale
Factor launches with a suite of cyber compliance services supporting PCI DSS, HIPAA, GDPR, NIS2, and upcoming AI regulatory frameworks. Offerings include operational access reviews, control validation, risk assessments, and audit readiness tailored for rapidly evolving environments.
PCI DSS is the initial focal point, but Factor’s roadmap includes expanded industry coverage and the development of a scalable platform to automate and continuously monitor AI governance, security posture, and compliance health.
Also Read: Scott Holden Joins Vanta as Chief Marketing Officer
A People-First Company
Factor is as much about how it operates as what it delivers. The company is founded on a people-first philosophy, ensuring that employees, customers, and partners are treated with respect, integrity, and shared purpose.
