A brief history and mission of the company
TomeSpell Security OÜ has been established in Estonia in 2022 as an "Eraettevõte", a private limited company. "Tome" part comes from an item that contains a hefty information about important topics and aspects whereas "Spell" part comes from the similarity between magic and nature of cyber security.
A collective group of information regarding to edge-cases and practical aspects of cyber security is the basis of TomeSpell Security as a company. Members of the company have background in practical implementations of security precautions and the overall company posture leans towards the idea of actually securing an organization instead of just checking boxes and calling it a day.
Cyber security, as a field, is known to be a "big spender" within organizations. Breaches are deemed catastrophic by interns and c-levels alike and to prevent them, companies would rather spend a lot of money (and resources). However, over the time these costs and efforts of security engineers start to be seen as a burden. Thus, the need to justify these costs and efforts becomes a necessity for multiple parties.
Just at this point, a lot of players descend into the scene. Certifications become important and being compliant with multiple security/privacy standards are required by business partners. In time, these requirements turned into a full-cycle which led to companies only investing in security to "check boxes" (a term that describes the main goal in security investments being just to comply with requirements, instead of actually being secure).
This is where TomeSpell Security tries to intervene. To prevent organizations from falling into the "false sense of security", TomeSpell advocates and advertises security protocols that are more sound and practically applicable in real life. Outdated ideas and counter-intuitive implementations are a bane of a good security posture and fixing them is easier and cheaper than assumed, with TomeSpell Security services.