Services and Consulting

My focus is on preventative security services.  Reacting to a breach is already too late. It is always better to prevent a breach than to discover a problem and respond to one.

My specialty is at the program level. People, Policy, and Process. From analysis and gap assessments to reporting and advisement during remediation and addressing of gaps. Compliance, Governance, and Risk. 

I can help you build maturity into your existing programs, or develop new ones from the ground-up.

  • Virtual CISO / fractional CISO (vCISO)
  • FedRAMP and NIST 800-series program oversight and gap assessment
  • OSINT on individuals and corporations with expert reporting
  • Personal Social Media exposure evaluations and recommendations
  • SDLC process and program evaluation, gap analysis, maturity, and advisory services
  • Security Awareness training and train-the-trainer classes
  • Security Awareness / anti-social engineering program and process evaluation and advisory services
  • Privacy and risk assessments

Any engagements are subject to non-compete agreements and avoidance of any conflicts of interest.