FAQ

Questions before you reach out

Clear answers about what CyberMind does, how we engage with Canadian clients and what you should expect from a defensive cybersecurity consultancy that uses AI tools alongside human analysts.

QUICK ANSWERS

Common topics

If your question is not covered below, contact us at [email protected] or use the contact form. We respond within two business days.

CyberMind consultant answering client questions during FAQ-style briefing session in Toronto

Pre-engagement briefing — we prefer direct answers over marketing language.

Do you offer hacking services or spyware, and can you guarantee we will not be breached?

No. CyberMind is a defensive cybersecurity consultancy — AI-augmented threat detection and intelligence with human analysts in the loop. We perform authorized, consent-based work only for client organizations that engage us in writing. We do not sell hacking services, exploit development for unauthorized use, spyware, stalkerware or surveillance of individuals. We do not access systems, accounts or data without explicit client authorization and defined scope.

No security provider can honestly guarantee that you will never experience a breach, data loss or security incident. Anyone who makes that promise is misleading you. Our work reduces and manages risk through improved detection, faster alert triage, threat intelligence aligned to your sector and structured incident response support. We are a professional services firm — not a self-serve SaaS product, not a training course and not a hacking-for-hire operation.

How does human-in-the-loop review work in practice?

Machine-learning detection and anomaly detection models continuously analyse telemetry from your SIEM, EDR, identity systems and cloud workloads. When a model flags a deviation or a correlation rule fires, the alert enters our triage queue — it does not go directly to your team as a confirmed threat. A qualified CyberMind analyst reviews the alert in context: who is involved, what changed, whether the activity matches known threat intelligence for your industry and whether a change-management ticket explains the behaviour.

Only after human verification does an escalation reach your designated contacts. False positives are logged, categorised and fed back into detection engineering so the same noise does not recur. This loop is the core of our methodology — AI accelerates pattern recognition; humans apply judgment, accountability and communication.

What does a typical engagement cost in Canadian dollars?

Pricing depends on scope, telemetry volume and coverage hours. As indicative ranges: a detection review or initial assessment typically starts around C$4,500. Fixed projects such as detection engineering sprints, phishing defence programmes or AI security assessments range from C$5,500 to C$24,000 depending on complexity. Ongoing SOC support and alert triage retainers run from approximately C$6,500 to C$18,000 per month. Incident response support retainers and ad-hoc engagements are scoped individually.

All figures are CAD, exclusive of applicable taxes. We provide a written scope document before work begins. See our Services page for per-discipline ranges.

Which security tools do you support?

We integrate with major SIEM platforms, EDR/XDR solutions and cloud-native logging services rather than requiring you to migrate to a specific vendor. During a detection review we inventory your current stack and identify integration points. Our value is in detection logic, analyst triage and threat intelligence — not reselling licences. If your tooling has significant gaps, we will say so honestly and can recommend capabilities to consider, but we remain vendor-neutral in our consultancy role.

Do you work with organizations outside Ontario?

Yes. While CyberMind is headquartered at 460 Richmond Street West in Toronto, we serve clients across Canada remotely. We understand that Quebec, Alberta, British Columbia and other provinces may have additional privacy requirements beyond federal PIPEDA. We address provincial considerations in our data handling agreements and scope documents. On-site workshops in Toronto are available; most operational delivery is remote.

How do you handle personal information and PIPEDA compliance?

When you contact us through the website, we collect the information you provide (name, email, message content) to respond to your enquiry. We process this data in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and our Privacy Policy. For client engagements involving access to telemetry that may contain personal information, we execute data processing agreements defining purpose, retention, access controls and breach notification procedures. Privacy enquiries: [email protected].

Can you help during an active security incident?

Retainer clients with incident response support provisions receive priority escalation paths as defined in their engagement letter. If you are not a retainer client and are experiencing an active incident, contact us immediately with details — we will assess whether we can provide ad-hoc support or refer you to a partner better suited to your situation. We provide containment guidance and investigation support within authorized scope; we do not perform unauthorized access or offensive operations against alleged attackers.

What is a detection review and how do I request one?

A detection review is our standard entry point: a structured conversation about your current security monitoring posture, alert volumes, team capacity and threat concerns. We may review high-level architecture diagrams and tooling inventories you provide — always under confidentiality terms. The output is an honest assessment of where AI-augmented detection and analyst support could help, with indicative scope and pricing. Request one via our contact form selecting "Detection review request."

Do you provide security awareness training or certification courses?

We include targeted awareness elements within phishing defence engagements — materials aligned to real campaigns targeting your sector, not generic annual compliance videos. We are not a training company and do not sell certification courses, exam preparation or large-scale e-learning platforms. If your primary need is organisation-wide security awareness training, we can discuss whether our phishing defence service fits or recommend specialists.

Where is my data processed and stored?

Our website is hosted in Canada. Contact form submissions are processed by our team in Toronto. Client engagement data handling is governed by contract — we can commit to Canadian data residency where required. We do not sell personal information to third parties. Details are in our Privacy Policy and Cookie Policy.

Still have questions?

We prefer direct conversation over brochure language. Send us a message and we will respond within two business days.

Contact CyberMind