Affordable Cybersecurity for Small Businesses

ISACA Certified Information Systems Auditor




Today's Reality

The number of Internet-connected devices has exploded in the last decade as the digital economy matures in the age of information. Everyone has adopted more technology into their businesses, homes and personal lives than ever before with IoT devices, cloud services, supply chain integrations, medical devices, and the list goes on.


As we've adopted this new technology, we've reaped great rewards in convenience, productivity, profitability and quality of life. We now rely on this technology in ways we never have before, but most of us have not changed the way we think about cybersecurity and risk management. We still go about our day and run our businesses the same as we did 5-10 years ago, or perhaps even longer. This poses risk because the world around us, or "threat landscape," has changed, but we have not adapted to it, so we are endangered by predators who have adapted ways to exploit a target-rich environment.


The major threats to small businesses in the Pacific Northwest are:

  • Ransomware
  • Healthcare data breach
  • Payment card data theft
  • Account takeover
  • Banking fraud
  • Cryptomining


These threats have increased significantly in recent years, but many organizations have not changed their cybersecurity to address these threats. Those that have invested may be complacent, and thereby expose themselves to unaddressed new vulnerabilities over time. Cybersecurity is not a project; it is an ongoing program that should be continuously assessed and improved.




What We Do

We provide independent cybersecurity assessment and auditing services to small businesses, with specialization in healthcare and HIPAA. 


Why hire an independent auditor?

  • A third party can provide an unbiased and independent assessment with a fresh pair of eyes
  • Independent assessments can confirm that your vendors and staff are delivering on their promises
  • Industry experts have specialized knowledge and training that you cannot afford on your payroll
  • Independent assessments demonstrate a commitment to customer security and regulatory compliance


Ransomware Risk Assessment:

  • Our certified auditor will visit your location and complete an interview (typically less than an hour) with your data administrator(s)
  • Our proprietary methodology will analyze the ransomware threat to your organization at this point in time 
  • We look at eight risk factors using methods derived from industry standards and ransomware case studies
  • We will deliver a confidential report with our findings and recommendations within 5 business days from completing the interview (contingent on full payment at time of delivery)


HIPAA Annual Risk Assessment and Risk Analysis:

  • Our HIPAA-savvy, certified auditor will visit your practice and complete an onsite assessment (typically 2-4 hours) working with your administrator to assess ePHI data security in accordance with the Security Rule
  • Our risk assessment and analysis methodology uses industry-standard frameworks including NIST and MoR
  • We will deliver a confidential report that will help you meet your compliance needs and protect the privacy of your patients and staff
  • Our report includes recommended controls to reduce risks and improve security. We offer a 6-month follow-up assessment of controls identified during the initial assessment for a reduced cost