Services
Four service lines, each scoped as a discrete engagement with a written deliverable. Built for IT directors and deputy directors at counties and municipalities with 200–2,000 endpoints and no dedicated security staff.
A two-week assessment of your environment against CIS Controls v8, NIST CSF 2.0, and the Washington State Auditor's cybersecurity performance audit criteria. Delivered as a written report with prioritized findings and a 90-day remediation roadmap.
Six-week engagement to build a complete incident response capability — written plan, runbooks for the most likely incident types, tabletop exercise, and 30 days of post-delivery Q&A. Aligned to NIST SP 800-61 R3, CJIS, and HIPAA where applicable.
Hands-on assistance during an active incident — containment, eradication, recovery, and post-incident reporting. Active incidents are handled on a best-effort basis, with priority response for retainer clients.
A custom training program tailored to your workforce — the threats your people actually face, in language they actually use. Designed for integration with KnowBe4 or similar platforms if you already have them.
Tell me about your environment and what you're working toward. I respond to project inquiries within 1–2 business days.
