TechJitsu Founder Tracey Nyholt Targets Cybersecurity's Human Weak Point: The Help Desk
TechJitsu's Tracey Nyholt Secures Cybersecurity's Help Desk Gap

TechJitsu Founder Tracey Nyholt Targets Cybersecurity's Human Weak Point: The Help Desk

In the world of cybersecurity, the most formidable breaches often occur not through sophisticated technical exploits, but through simple human interaction. This uncomfortable reality is the driving force behind the work of Tracey Nyholt, founder and CEO of Calgary-based TechJitsu. Her company has developed a solution specifically designed to fortify what she identifies as modern security's soft underbelly: the call center password reset process.

The Social Engineering Threat to Help Desks

When malicious actors aim to compromise an organization's digital fortress, they frequently bypass complex security systems by targeting the help desk directly. Armed with fragments of publicly available information—birth dates from social media profiles, mother's maiden names from genealogy websites, or recent locations from public profiles—attackers can convincingly pose as legitimate users. With the right tone of urgency and politeness, they can talk their way past knowledge-based authentication questions, trigger password or multifactor authentication resets, and essentially gain unauthorized access to sensitive accounts.

This age-old deception tactic, now executed through modern communication channels, remains alarmingly effective. For individual consumers, such breaches can lead to drained savings accounts. For businesses, they can provide attackers with a dangerous foothold deep within corporate networks, potentially leading to devastating data breaches and financial losses.

Caller Verify: Transforming Weak Links into Security Assets

TechJitsu's innovative response to this persistent threat is Caller Verify, a streamlined security layer that transforms the help desk from a vulnerability into a robust verification point. Rather than relying on easily compromised personal information like birthdays, postal codes, or pet names, Caller Verify integrates directly with an organization's existing multifactor authentication infrastructure.

The system works by bridging the help desk call to enterprise MFA platforms such as Okta or Entra ID. Before any password reset proceeds, the caller must prove possession of a registered device or security token through standard verification methods—whether that's responding to a push notification, entering a one-time code, or using a passkey. This creates what Nyholt describes as "a speed bump that's hard to socially engineer." The fundamental principle is straightforward: no verified device, no account reset.

Strategic Integration Over Replacement

One of Nyholt's foundational strategic decisions was to design Caller Verify as an integration tool rather than a replacement for existing MFA systems. This approach acknowledges the practical realities of enterprise identity and access management, where organizations are reluctant to adopt yet another independent identity verification platform.

By working within established MFA frameworks, TechJitsu enables identity teams to maintain their existing policies, logs, and telemetry in a centralized location. This integration-focused philosophy has allowed the company to remain agile and specialized while aligning with the complex operational needs of large organizations.

An Unconventional Path to Cybersecurity Innovation

Tracey Nyholt arrived at this cybersecurity challenge through an unconventional career path. With a background in English literature and early experience in financial services, she developed her technical expertise through self-directed learning and documentation. "I would offer to write up the work of people a level above me," Nyholt explains. "They hated documentation; I loved learning. It gave me access and context."

This practice of distilling complexity into actionable information fundamentally shaped TechJitsu's product development approach. The company focuses on solving specific, surgical problems within cybersecurity, prioritizing tight integration with existing systems and maintaining close communication with the IT professionals who manage security operations daily.

As organizations continue to grapple with evolving cybersecurity threats, TechJitsu's targeted solution addresses a critical vulnerability that exists at the intersection of technology and human interaction. By securing the help desk—the very point where social engineering attacks most frequently succeed—Nyholt's innovation represents a significant step toward closing one of cybersecurity's most persistent and human-centered gaps.