Protect your organization, your employees, and your reputation, today!

Human error is the largest contributor to today's cyber-vulnerabilities and attacks. Infosec Check empowers everyone in an organization from the CEO to the service contractors allowed on premises used by your company.

Infosec Check provides virtual CSO or virtual CISO contracted services at the topmost level. Our C-Suite relationship starts with core needed process: Policies & Procedures that are necessary for all organizations and those under specific regulatory requirements.

We make Cybersecurity do-able starting with FREE Annual Cybersecurity Awareness Training that is engaging and useful.

Get Started Today. FREE Annual Training

Our Cybersecurity Awareness Training Program is FREE!*

No Budget? No Time? No Training Staff? No Excuses!

*Based on seat availability - Offer Subject To Change at Any Time

Cyber Risks and Threats are here to stay and always evolve in complexity! Get your training in our core minimum program - It's FREE with Infosec Check for Individuals, Sole Proprietors, and Students.

FREE Training Registration

Does your organization have information on computers, cell phones, or sticky notes? 

Infosec Check is designed to help everyone, whether Information Security or Physical Property Security!

Is your organization ready for a regulatory audit?

Take Our Quiz!

How is my company at risk? 

Customer Data Makes YOU Valuable to a Criminal

Stored customer or client data elevates the risk for your organization and makes you MORE prone to attack. All DATA is valuable to Cyber Criminals either by keeping you from legitimately having access to your data, or illegally selling your stolen data.

+90% of Data Breaches come from Human Error

+60% of cyber criminals say email is their attack "vector" of choice, why? It is the easiest vector of attack!  Employees may not suspect a login request, a download order, or an email from "the boss." Cyber criminals don't attack the IT department territory, they go after the weaker easier broken links.

Password Recycling, Change Policy Workarounds: An "epidemic."

Security protections are in place for a very good reason. Almost 60% of individuals admit to using the same or very similar password despite knowing that it is a risk and violates company policy. If a breached password is re-used, that login privilege is now known by that employee plus the criminals on the dark web.

The Dark Web cannot be erased!

Once accounts are breached, you need to know so you can take proactive measures quickly!  Without acting, YOU are now much more a part of the risk.

Employee Vulnerability Assessment

An employee vulnerability assessment helps employees to improve their own lives as well as that of the organization. Employee vulnerability assessments serve a similar role of regulatory requirements but instead of punishment or consequences, we use gamification process that encourages employee engagement. This methodology is effective, especially if the C-Suite gets involved with employees.

  1. With analytical tools, you will be able to see which windows are "open", which doors are "unlocked" or "ajar" with an Employee Secure Score, where you can choose to dedicate a little prevention or encouragement to up the game for them and for your organization.
  • Quick, easy to understand videos and quizzes that go directly to employees with scores that are visible to the employee so they can see how they are doing.
  • Continuous dark web monitoring for business email accounts; Our system keeps on looking for credential breaches for your company while also allowing employees to check their personal email accounts for breaches.
  • Automatic Phishing let's our system and process work with your and for you so you engage, take action and set goals throughout the year!
  • Policy Acknowledgement is a critical piece for their awareness and YOUR organizational protection - we help with many of your own custom policies, procedures and employee handbook acknowledgement processes as well.
Common Mistaken Objections
"Our IT Department takes care of that."

IT departments are usually inundated with IT Availability responsibilities on a daily basis. Having the IT Department also responsible for Security, Oversight, and Governance is unrealistic and also a regulatory requirement violation.

"We have Firewalls and Spam Filters."

Firewalls and SPAM filters are not a complete solution, 1) because hackers do not attack the security gates head on and 2) when was the last time you analyzed the log files of your appliances?

Infosec Check Features
Annual Training

An online security awareness training

(Not reruns!!!) course, ~1 Hour, Pause-able and resume, Exam, and Digital Certificate

Dark Web Monitoring

Are you "always" looking? 

We keep active monitors on your information across the Dark Web

Personal email DW scanning
Help your employees learn to be secure while they are at home and before they come to work!
Weekly "Fresh" Mini-Trainings
Yesteryear's security breach is old news. Learn something useful and up to date!
Mini-Briefs (~3 - 5 Minutes)
Phishing Simulations

Unlimited Phishing Simulations.  Phishing is the most commonly used attack! Continuous Training is advised!

Vulnerability Assessments
The first "rule" of security is to continuously assess & find the new risks. Daily, software vulnerabilities are discovered!
Policies & Procedures

An audit critical item for multiple regulatory compliance rules; as is documented employee acceptance & understanding.

Table top simulations
Table top simulations are held across many industries and organizations to test strategic plans & incident response team readiness.
Virtual CSO / CISO

Certain organizations are required by regulations and administrative code to have a designated Security Officer.

Cyber Liability Insurance

because of the words "CYBER security."

In Virginia alone, there are 13 different forms for Cyber Insurance.  Which one did you decide was right for you? How did you decide? Is your agent properly updated with Continuing Education specifically focused on Cyber-Liabilities? 

Infosec Check consultants have completed state requirement training to be licensed insurance agent brokers in Virginia plus have completed the continuing education hours specifically for Cyber-Liability Insurance. We DO NOT Sell Insurance nor provide the coverage because "an agent is an agent" of the Insurance Company!  We advocate for our clients and have a formal meeting after the discovery and assessment to properly outline and request insurance coverage from your chosen insurance broker.

Infosec Check works for you! We help you take a proper unbiased assessment for you to make a serious and informed decision against the truly risks your organization faces in our cyber connected world.

Getting Started Plans

If you have more than 20 but less than 100 employees, please proceed with your order.

For more than 100 employees, please contact us.

Payment Card Industry PCI-DSS

Retail, Restaurants, Boutique


Per Month - No Contract

  • 1-20 Employees
  • Annual Training + Weekly Mini Trainings
  • Self-Administered Security Risk Assessment
  • HR Policies & Procedures Dashboard
  • Optional vCSO/vCISO Service

DoD Contractors

DoD 8140/8570 Core Requirements


Per Month - No Contract

  • 1-20 Employees
  • Annual Training + Weekly Video Mini Training
  • Annual Risk Assessments
  • NIST RMF Policies & Procedures Guidance
  • Optional vCSO/vCISO Service

HIPAA Covered entities

For Clinics, Pharmacies, Dentists, etc.


Per Month - No Contract

  • 1-20 Employees
  • Annual Training + Weekly Mini Training
  • Annual HIPAA Risk Assessment
  • HIPAA Mandated Policies & Procedures
  • Optional vCSO/vCISO Service

Annual Cybersecurity
Awareness Training


It's Really FREE

  • FREE Annual Training
  • FREE Email Support
  • FREE Useful Info Newsletter
  • FREE Dark Web Scan
  • FREE Business Need Discovery Consultation
Find the Gaps

Penetration Testing

When You


One Time or Recurring

  • Tabletop Exercise Testing - War Games
  • Ongoing and/or One-Time Missions
  • Weakness Assessment Penetration Testing
  • Information Technology or Physical Plant
  • Subcontracted Extreme Expertise
Contact Us

virtual CSO/CISO

Contracted - Billable Hours


Per Month - No Contract

  • Billable Hours Per Month
  • On Site Visits & Assessments
  • Policies & Procedures Development
  • Company Posture Development
  • Monthly Executive Briefing Sessions
Contact Us
need More information?

Let us know your questions.