IT Risk

Cybersecurity Consulting Services

Helping your company achieve the needed security posture that addresses today’s vast array of security threats.


Security is a high-stakes game and brand reputations are at stake. The financial impact of data breaches and ransomware is making cybersecurity a board-level topic. It is essential to providing a long-term quality product or service.​​

Centric Consulting’s Cybersecurity Consulting Services can help address your most pressing security concerns by:

  • Establishing governance programs that ensure the enterprise is doing enough.
  • Implementing policies that address security risks.
  • Ensuring compliance with relevant regulations and standards.
  • Creating incident response plans and business continuity and disaster recovery plans.
  • Addressing third-party vendor and service provider risk.
  • Testing infrastructure and business applications via regular penetration testing.

Whether you need the part-time help of CISO or a comprehensive cybersecurity road map our team can help.

Our Cybersecurity Consulting Services

Whether you need a complete IT security strategy, improvement to metrics to drive your security maturity or a service-based security resource, our security strategy experts and vCISO’s can help.

Our holistic approach to strategy includes governance, prevention, detection/response, and data privacy.

Project types include:

  • C Suite Advisory
  • Cyber Resilience & Attack Recovery
  • Risk Management & Migration
  • GRC (governance, risk and compliance) Strategy & Utilization
  • M&A Security Diligence
  • Cyber Liability Insurance
Learn More

Top Ten Threats Our Cybersecurity Experts Address

In today’s fast-paced digital landscape, organizations face many cyber threats that severely impact operations, data integrity and reputation. As bad actors continually evolve their tactics, we advance our own capabilities to help you stay vigilant.

Our cybersecurity consulting services fortify defenses across:


The sophistication of ransomware and the social engineering used to deploy it is becoming increasingly complex and successful.


Email is one of the oldest networking technologies still in use and it continues to be one of the most prominent security concerns.

Staffing Obstacles

Recruiting and retaining top-tier IT security talent continues to be a challenge across all industries.

Cloud & IoT Security

Businesses are rapidly deploying these always-on technologies. The need for proper security measures and configurations are essential.

Web Application Attacks

These breaches and incidents tend to be largely driven by attacks against credentials, with attackers leveraging those credentials to access critical resources.

Remote & Hybrid Security

Securing today’s workforce requires many components including IAM, MFA, antivirus, secure data transmittal, and secure employee devices.

AI-Powered Attacks

AI trolls are being used to exploit vulnerabilities in threat detection models and attack victim networks.

Open-Source Vulnerabilities

The use of open-source software is nearly everywhere, with critical vulnerabilities found in the majority of open-source code bases.

Securing Complex Ecosystems

Typical supply chains include a broad array of suppliers and partners sharing sensitive data in many formats. Even the smallest firm in your network must have adequate controls to safeguard your data.

State-Sponsored Cyber Attack

State-sponsored attacks against enterprises with the goal of financial gain include stealing cryptocurrencies and intellectual property and crippling infrastructure.


Identity Access Management (IAM) Assessment​

Modern Identity Access Management processes and technology is a key component of an effective Cybersecurity posture.

Our consultants are experts at assessing your current state, quantifying risks, and creating a mitigation and improvement roadmap that addresses key IAM functions such as user provisioning, de-provisioning, and access privileges.

IAM assessments are an effective approach to lowering your overall risk profile and can lead to lower cyber insurance rates.

Ready to keep your brand reputation and financial impact safe? Our experts can help.

Cybersecurity Strategy Development​​

Wondering how to define, organize, and operate a cybersecurity group in your company? We have a standard approach for strategy development that is aligned with NIST standards and address critical components of any cybersecurity strategy including:

  • Governance – processes and policies, IAM management, risk calculation and quantification, compliance management
  • Prevention – reducing security exposure, managing vulnerabilities and threats, cloud and application security, security mindset and training
  • Detection & Response – penetration testing, ransomware prevention, incidence response, SaaS product platform security
  • Data Privacy – applicable laws & frameworks, compliance approach, data privacy program, PII assessment


Cybersecurity Consulting Services - Building an information Security Strategy - Centric Consulting



What Your Pen Test Isn’t Showing You: A Live Hack

Wonder what a cyber attacker sees when they target your organization? Wonder no more. Watch a live network attack demo simulated by an industry-leading offensive security expert. In our on-demand webinar, you’ll learn how to uncover vulnerabilities that the average pen test misses.


Meet The Cybersecurity Team

Our experienced Cybersecurity team is ready to help on your next project​. Let our highly certified senior professionals become your team – we work with you not for you.

David Lefever - Centric Consulting

David Lefever

Cybersecurity Service Offering Lead

Matt Kipp

Director of IT Risk

Shane O’Donnell

Vice President of Cybersecurity

Brandyn Fisher

V-CISO Capability Lead, Senior Penetration Tester


Higher Security Leads to Lower Costs in Healthcare

A major healthcare organization needed a partner to help navigate the complex and costly world of HIPAA compliance.

The organization engaged us to conduct a HIPAA risk assessment, but we soon found deeper ways to add value to their security initiatives. Under our guidance, the healthcare provider embarked on a comprehensive HITRUST certification roadmap and implemented critical security controls, ongoing training and education, and continuous improvement efforts.

The client has significantly improved their security posture, enhanced their reputation and reduced their risk and liability, leading to a 25% reduction in their cyber insurance premiums.

Contact us to learn how our cybersecurity experts can help you protect what matters. 

Want To Learn More About Cybersecurity?

Don’t settle for temporary peace of mind – read our white papers and learn the necessary steps to ensure the safety of your organization’s networks and data.

Our Cybersecurity Experience

certified security consultants
satisfied cybersecurity customers
specialized security certifications
cybersecurity projects delivered

We Help You Understand Cybersecurity Standards

Governance, compliance, regulatory, and audit often require an understanding of a complex array of frameworks and standards.​ Our team can help you understand what’s required to lower risk and achieve compliance, and then perform the project work needed to satisfy regulators, auditors, and corporate leadership.



Centric Consulting Cybersecurity Consulting Services - Sarbanes Oxley (SOX) Testing​

Centric Consulting Cybersecurity Consulting Services - CIS (Center for Internet Security)

Centric Consulting Cybersecurity Consulting Services - CMMC (Cybersecurity Maturity Model Certification)​


Welcome aboard The Mako Group!

Their specialized expertise in cyber risk management combined with our proven technology and business consulting capabilities deepens our ability to deliver holistic solutions that address critical security and risk mitigation needs.

In a sea of partners, our shared history, purpose and values make this a seamless union that will benefit our employees, clients and communities.

Talk to An Expert

Our Comprehensive Approach To Your Cybersecurity

We are a full-service business consulting and technology company.​​ Activate your cybersecurity program across a broad array of project types.

Our Cybersecurity Approach - Centric Consulting

Our Cybersecurity FAQs

Learn more about how we can help safeguard your business. In today’s digital age, cyber threats pose an ever-present risk to organizations of all sizes. Our FAQ section addresses common concerns and challenges faced by organizations seeking to fortify their defenses against malicious actors. Explore our expert insights, approaches and solutions to mitigate cybersecurity risks, protect your valuable data, and maintain business continuity.

What services does the Cybersecurity consulting team offer?
Our Cybersecurity Consulting Services include establishing governance programs, implementing policies to address security risks, ensuring compliance with relevant regulations and standards, creating incident response plans, and business continuity and disaster recovery plans. We also handle third-party vendor and service provider risk and conduct regular penetration testing of infrastructure and business applications.
Can the Cybersecurity consulting team help with part-time CISO needs?
Yes, whether you need the part-time help of a Virtual CISO (VCISO) or a comprehensive cybersecurity roadmap, our team can assist.
What is an Identity Access Management (IAM) Assessment?
IAM is a key component of an effective cybersecurity posture that ensures only authorized users have access to your sensitive data. First, we assess your current state, quantify risks, and create a mitigation and improvement program and roadmap. Then we train your employees, implement, and monitor your IAM solution that addresses key functions such as user provisioning, de-provisioning, and access privileges.
What is Centric’s approach to cybersecurity strategy?
Our holistic approach to strategy includes governance, prevention, detection, response, and data privacy. We offer project-based services such as C Suite Advisory, Cyber Resilience and Attack Recovery, Risk Management and Migration, GRC Strategy and Utilization, M&A Security Diligence, and Cyber Liability Insurance. We offer a full-service business consulting and technology approach to cybersecurity. We activate your cybersecurity program holistically and across a broad array of project types.
How is cybersecurity strategy development handled?
We have a standard approach for information security strategy development that is aligned with NIST standards. Our approach addresses the critical components of any cybersecurity strategy including governance, prevention, detection and response, and data privacy.
What experience does the Cybersecurity consulting team have?
Our team is comprised of 30+ certified security consultants with 42 specialized security certifications. We have 325+ satisfied cybersecurity customers and have delivered more than 950 successful cybersecurity projects.
What standards and frameworks does the Cybersecurity consulting team understand?
We understand a complex array of frameworks and standards spanning every industry vertical including HITRUST, SOC, SOX, Penetration Testing, OSINT, NIST 800 Series Audit, ISO 27001 Audit, CIS 18, HIPAA, FFIEC, FISMA, CMMC, PCI, DSS, SEC Cyber, and TISAX.
What is the Mako Group?
We recently acquired The Mako Group, a leading cyber risk management firm. The Mako Group is a trusted provider of cybersecurity management, including strategy, governance risk and compliance, audit and assurance, penetration testing, virtual chief informational security officer (VCISO) support, and identity access management across industries. Their capabilities combined with ours deepens our ability to deliver holistic business solutions that address critical security and risk mitigation needs.

Keep your brand reputation and financial impact safe. Our Cybersecurity team can help address your security concerns.