Work With Me

SOC 2 Consulting

Your team is busy and your business is growing. You need someone who gets startups and security compliance to help you balance current deliverables with that looming SOC 2 deadline. My approach is consultative and collaborative. Together we’ll get the right tools, people, policies and processes in place to make it happen. I have first hand experience building a SOC 2 program with American and Canadian SOC standards, AWS and Azure infrastructure, for firms serving government, big pharma, large enterprise and investors.

#SOCit2me

“Everyone has a plan until they get punched in the face.”

- Mike Tyson

InfoSec Marketing

Your company is past the point of infancy, you’ve got some stickiness in the market and your team can’t get their head above water to strategize the next growth plan. My approach is to understand your market, differentiators, and stakeholders so we can collaborate on a plan and execute.

I have first-hand experience marketing an awareness/risk mitigation PaaS, mapped to NIST to highly regulated industries, (2.5M inbound 2 mo), selling ethical hacking and secure coding training to startups and security firms (2x annual revenue, yr 1), and creating sales enablement scripts and content in various sectors (training modules for transient team, 25% revenue increase, yr 1).

#ClientSafari

Change before you have to.

- Jack Welch

We practice what we preach and value our clients’ security, privacy and reputation in addition to our own.

As such, the following security best practices are in place with Kassia Clifford Consulting:

Anti Virus, hard disk encryption, OS auto-updates, screen lock

Device Security

Password manager, complexity, MFA, VPN, aligned to least privilege principle

Cloud Security

Security awareness training, incident response training

People Security