Healthcare · Managed IT + Cybersecurity
Regional medical group — HIPAA hardening & 24/7 SOC
Challenge: A 180-provider medical group had grown via acquisition and was running seven disconnected IT environments with inconsistent security and no centralized monitoring.
What we did: Consolidated identity into a single Entra ID tenant, deployed managed EDR across all endpoints, rolled out 24/7 SOC monitoring, and stood up HIPAA-aligned evidence collection in 6 months.
Outcome:
- HIPAA Security Rule evidence collection automated
- Mean time to detect suspicious activity: from 12+ days → < 15 minutes
- IT spend reduced ~22% via license consolidation
- Passed annual HIPAA risk assessment with zero significant findings
Fintech · vCISO + SOC 2
Austin fintech startup — SOC 2 Type II in 9 months
Challenge: Series B fintech needed SOC 2 Type II to close enterprise contracts. No security program, no CISO, and a 9-month runway to first audit.
What we did: Engaged as vCISO, built the security program from zero, implemented Drata, hardened M365/Okta/AWS, stood up policy suite, and ran the audit.
Outcome:
- SOC 2 Type II achieved with zero qualifications
- Unlocked $4.2M in previously gated enterprise contracts
- Cyber insurance premium reduced 31% at renewal
- vCISO now presents quarterly to the board
Manufacturing · CMMC + OT
Aerospace supplier — CMMC Level 2 enclave
Challenge: A precision-manufacturing DoD supplier needed CMMC Level 2 but couldn't afford to re-architect their full environment to the CUI scope.
What we did: Designed and operated a CUI-only enclave with segmented network, dedicated identity tenant, hardened endpoints, and separated cloud tenant. Reduced audit scope by ~85%.
Outcome:
- CMMC Level 2 readiness achieved in 7 months
- CUI scope reduced to < 15% of estate
- Production OT network segmented & monitored
- Preserved eligibility on $11M in DoD contracts
Legal · Managed IT + Backup
Mid-size law firm — ransomware recovery & resilience
Challenge: A 120-attorney firm had just recovered from a ransomware event with their prior MSP, losing 3 days of matter work. Leadership mandated a full reset.
What we did: Replaced the MSP, redesigned the network with segmentation, deployed immutable backup, rolled out EDR with SOC monitoring, and engineered a documented DR runbook tested quarterly.
Outcome:
- Immutable backups across matter data + NetDocuments
- Tested RTO of < 4 hours for tier-1 systems
- Zero unplanned outages over the subsequent 18 months
- Cyber insurance renewed at reduced premium
SaaS · Cloud + FinOps
B2B SaaS — AWS optimization & governance
Challenge: A fast-growing SaaS had an AWS bill compounding at 14% MoM with no tagging strategy, RIs, or cost accountability.
What we did: Implemented landing-zone governance, tagging policies, reserved-instance & savings-plan strategy, and monthly FinOps reporting by feature team.
Outcome:
- AWS spend reduced 38% without a capacity cut
- Tagging compliance > 96% enforced via SCPs
- Clear cost-per-customer metric, feeding pricing decisions
- FinOps practice now owned internally — we advise quarterly
Non-Profit · IT Modernization
Regional non-profit — M365 modernization & secure remote
Challenge: A 90-staff non-profit was running legacy file servers with VPN remote access; field staff were routinely blocked and security was minimal.
What we did: Migrated to M365 non-profit licensing, replaced VPN with ZTNA, implemented MFA, and trained staff. All inside the non-profit's Microsoft grant allowance.
Outcome:
- IT operating spend reduced 44% via non-profit licensing
- Field staff productivity lift of ~30% (measured via engagement data)
- Zero phishing incidents in the 12 months post-deployment
- First-time annual IT budget delivered to the board
