For boards, executives, and security teams · risk, governance, resilience
Bench Strength, On Demand
Direct access to practitioners who have run national-security files, police services, and major investigations — no scoping call, no statement of work. Self-paced courses keep teams current while leadership sees capability, and gaps, at the role level.
Mapped to Your Risk Register
Insider threat, supply-chain loss, crisis decision-making, workplace investigations, OSINT — coverage lands on exposures your board already tracks. Priced per participant, annually: you pay for the people using it, nothing else.
Casework, Not Theory
Every course is built from anonymised real engagements and refined by learner feedback — practical, current, and tied to incidents that actually happened. Raise a new pain point and SME-built material follows in short order.
One membership replaces scattered one-off training and ad-hoc consults with named practitioners on call — so every answer your team relies on stays attributable, documented, and defensible.
Executive-grade learning, mapped to the risks that matter.
Your risk register does not wait for training cycles. Membership gives your teams practitioner-built courses spanning insider threat to crisis leadership, Visor to interrogate them, and the experts behind every answer one message away.
This lineup is built from thousands of lived-experience insights I’ve extracted from interviews with three of Garuna Group’s anchor subject-matter experts — and shaped by the operational problems they’ve been called on to solve, repeatedly, across their careers.
Where their case files keep landingEach module sits where a real operational pain point meets an SME who has actually operated through it.
-
Inside the Wire Insider Risk Insider risk through real Canadian national-security and public-sector cases — where human motivation, media dynamics, law, and organisational failure converge. Explore the course
-
Investigative Interviewing
Essential Techniques
A structured, ethical, practical frame for investigators and security professionals — planning, elicitation, credibility assessment, and the close.
Explore the course
-
Open-Source Intelligence
Principles & Practice
OSINT fundamentals and advanced tradecraft — gathering, analysing, and applying public data to risk assessment, threat detection, and decisions under pressure.
Explore the course
Decision-Making Under Uncertainty
Recognition-primed decision models, OODA loops, and Cynefin-based triage for high-stakes calls where information is incomplete, contradictory, and time-compressed.
Insider Threat Detection
Pattern recognition, bias-audit method, and boundary analysis combined into an expert playbook for catching insider risk before it escalates.
EQ, CQ & IQ
Treats cross-cultural workplace investigations as their own discipline — separating emotional, cultural, and cognitive intelligence and showing where each one fails.
Lead SME
Arjun B.
Cargo Theft
Nine-module program covering the global cargo theft landscape, North American hotspots, theft typology, and the criminal fieldcraft behind each.
The Crisis as Live Laboratory
Crisis leaders learn to treat an unfolding event as a real-time learning environment — spotting what is working mid-event and adopting it immediately.
Triaging Threat Actors
Tiers threat actors by severity, concentrates lock-down resources on top-priority targets, and deploys residual capacity across the long tail.
Identifying underlying motivations — recognition, grievance, legacy — holds stronger under operational pressure than financial incentives. Reframing engagement from a transactional focus on money to one about access shifts the asset’s self-perception from informant to partner, and that single reframing survives the long-cycle handler turnover.
CQ mastery moves from context — Indigenous foundations — through definition and application in healthcare to operationalisation in the workplace. Treat it as a layered competency, not a single concept. When investigators collapse the layers they default to surface compliance and miss the actual interaction pattern that produced the harm in the first place.
Breadcrumb tracking history gives police evidentiary “reasonable and probable grounds” for a search warrant — especially when the device pings an industrial area or warehouse the load was never scheduled to be at. That single chain of pings is what converts a stolen load into a prosecutable case rather than an insurance write-off six weeks later.
We’ve received a workplace complaint involving parties from different cultural communities. We need an investigation method that holds up under external review.
Cross-Cultural Workplace Investigations module · lead Arjun B. A layered CQ interview frame — Indigenous context, healthcare application, workplace operationalisation — that your investigator can run on Monday.
A documented, culturally-competent method gives the investigation file the defensibility a Human Rights Tribunal record or section-264 challenge demands.
An employee with privileged system access has triggered several anomalies. Before we act, we need a structured way to assess motivation and intent.
Insider Threat Detection module · lead Ruari Nicholson. Motivation triage that does not collapse to financial-only signals, plus a bias-audit checklist for the assessor.
Documented intent assessment before termination action lowers wrongful-dismissal exposure and gives counsel a clean record.
We are inside an active incident. Our executive team needs a decision framework they can apply immediately — not after the incident closes.
Decision-Making Under Uncertainty module · OODA, Cynefin, and recognition-primed frames indexed by category, with first-hand notes from lived national-security incidents.
Reliance on a named, structured decision frame is a textbook business-judgment-rule defence. The board minute writes itself.
We have had repeat cargo losses. Insurance is paying out, but cases are not progressing to prosecution. We would like to build evidentiary protocols our drivers and operations teams can follow.
Cargo Theft module · lead Todd Moore. Breadcrumb-evidence chain doctrine that converts a write-off into “reasonable and probable grounds” for a warrant.
Documented case-build doctrine satisfies your duty of care to the board on a known, recurring loss centre.
Our area of need is not on the current module list — for example, open-source intelligence on a counter-party in a transaction, or a specialist regulatory area we operate within.
Tell us. We leverage the One Horizon Network to onboard a vetted subject-matter expert and add the coverage to your map — inside the membership term, not a separate engagement.
Your coverage map grows with your operational risk, not behind it — and the request itself becomes part of the paper trail.
Under the Canada Business Corporations Act, courts evaluating a director’s duty look at the process of the decision, not the outcome. A right judgment — honest, in good faith, made on a careful, informed process — is protected, even when the call ultimately fails. Visor is the paper trail of that process: what you asked, what you received, and the named SME behind every answer.
- 01 Decide Under Pressure Run recognised decision frames against live incidents and contingency scenarios — so the call your team makes mid-crisis is one you can defend after it.
- 02 Brief the Board Turn complex risk, continuity, and crisis concepts into clear, minuted decisions for directors, executives, and oversight bodies.
- 03 Spot It Early Apply practitioner pattern-recognition to insider risk, fraud, and supply-chain threats before they convert into losses.
- 04 Coordinate the Response Move a response across departments, sites, and external partners using structured playbooks your teams have already exercised.
Memberships are priced per participant so you only pay for active users — and member priorities shape the roadmap, so new SME-led modules ship against the risks your organisation actually carries, not a generic syllabus.
- Full course library — three foundation courses live; modules unlock as they ship
- Threat & Regulatory Watch — curated news refreshed every six hours; daily policy and incident feeds
- Research, Frameworks & Coverage Map — vetted briefs plus which SMEs cover your priority domains
- Direct line to lead SMEs — reach the experts behind your courses straight from your dashboard
Each course module is a focused 30-minute unit built around one corporate-risk capability — insider threat, fraud, crisis leadership, executive protection, investigative interviewing. Every module has four reinforcing components:
Audio podcast lectures — short narrated sessions recorded with our practitioner faculty (CSIS veterans, retired police executives, and an award-winning investigative journalist). Built for the commute or between meetings.
Reading material — curated briefs, primary-source extracts, and decision frameworks pulled from real engagements.
Visual charts and diagrams — one-page references and decision trees that compress complex operational concepts into something a team can pin to the wall.
Case studies and lived insights — anonymised real incidents, each ending with the practitioner-level takeaway: what worked, and what they would change next time.
Corporate membership unlocks the full library plus quarterly live advisory sessions with the contributing practitioners — and every Visor answer cites the contributor by name and role, so what your team learns is always attributable to lived experience.
