Cybersecurity Review 

See how these advisory components fit into the overall service matrix by downloading a one-page PDF here.

The question for most business owners regarding cybersecurity is how much do I need without breaking the bank?  The good news is there are many frameworks that are out there to help shed light on the amount of risk your business faces from cyber threats and what is the appropriate amount of protection needed.  NIST Cybersecurity Framework (CSF) is a good foundation to begin evaluating your environment, creating a system security plan, and implementing a risk mitigation plan.

There is no system that is 100% secure.  Don’t let anyone fool you into thinking that.  But with the right guidance, you can have a relatively safe environment that is tailored to your business needs.

 The following cyber controls will be reviewed:
• Access Control
• Awareness and Training
• Audit and Accountability
• Configuration Management
• Identification and Authentication
• Incident Response
• Maintenance
• Media Protection
• Physical Protection
• Risk Assessment
• Security Assessment
• System and Communication Protection
• System and Information Integrity

Location: Primarily Remotely. We would recommend one physical site visit if you have an office. This price includes 1 site visit if necessary. Exact travel reimbursement is to be added. $1000 per site additional site + travel reimbursement.

Duration: 12-16 weeks, plus 3 months post support for continued implementation
Scheduling: A Cybersecurity Review can usually be scheduled and locked in on the calendar within 1-3 weeks, depending on the time of the year. A site visit should occur midway through or later during the engagement.

Deliverable: Hours of industry-leading advice that follows a proven process, very carefully and concisely stated recommendations for your note-taking, with later expansions as necessary.
Implementation Guidance: Up to 3 months involving up to three significant interactions. They are agenda driven, which means that you’ll keep a log of the questions you have and we’ll address them in a batch. We don’t count email exchanges during those 3 months. (This work is not a like a coach)

Participation Requirements: Senior Technology personnel or Principals gathers required documentation.

Decision making principal is a participant in each scheduled meeting. Approximately 6-8 hours over the course of the engagement. Selected managers and key employees participate based on their roles.

Cost: $15,000 Fee + travel reimbursement for 1 site visit.  $1000 per additional site and travel reimbursement as necessary.

Payment Terms: Prepaid and non-refundable. Via ACH, check or credit card (+3%)

“John has always been an exceptional industry partner with a clear command of information technology, running the spectrum from policy to implementation. He brings both complementary and force-multiplying skills to every initiative we’ve undertaken. A true asset and go-to teammate.”

– Michael Ferritto

Do you know the 3 States of Data?

Data is the most valuable resource you are trying to protect.


Data at Rest


Data in Motion


Data in Use


Questions?  Are you concerned if something is a fit?

Schedule A Virtual Coffee Session