Member Firm Profile
H2Cyber is a Cybersecurity Executive Management Firm that specializes in Cybersecurity and Risk Management across the nation. We help organizations understand and implement the right Cybersecurity strategy for their business by helping them navigate through the fog. Regardless of your company size or industry, we can help.
Cybersecurity Program Reviews
Designed for organizations that want to understand where they fit compared to other firms within their organization as well as to show a higher level of due diligence within Cybersecurity. These engagements typically take 4 to 6 weeks to complete once the 4-day on-site is complete. The package contains the following: NIST Cybersecurity Framework and Critical Security Controls assessments, assessment of the known regulatory requirements, executive scorecard, industry comparison (where available), security roadmap and action plan based on assessment results, identification of risk appetite and risk matrix, on-site security awareness training (four 45-minute sessions), and on-site incident response tabletop (half day) and training. We can also provide package add-ons such as an independent resource for the board of directors, on-site board of directors’ reviews, and on-site or virtual progress health checks.
Virtual Chief Information Security Officer (vCISO)
Suited for those organizations looking to meet the needs of the business without the costs of hiring a full-time CISO. The vCISO will collaborate with other C-Suite members to develop long and short-term strategies aligned to the business, oversee the implementation of those efforts and report on their progress. The vCISO will help foster a company culture that is Cybersecurity aware to aid in business transformation and create a competitive advantage. We also offer a variety of other services such as merger and acquisition support, serving as an independent resource for board members, on-site security awareness and incident response training, and general consulting.
Our founder, Paul Horn, has previously served as a Chief Information Security Officer within an Independent Broker Dealer and experienced the first regulatory sweeps for Cybersecurity within the industry as well as numerous follow-up exams. In addition, Paul has a wealth of knowledge regarding the tax preparation space and regularly attended the IRS’s Strategic Threat Assessment & Response (STAR) work group to help protect taxpayers and the integrity of the tax ecosystem. Paul is knowledgeable on various other requirements such as the New York Department of Financial Services (NYDFS) Cybersecurity regulation, as well as Colorado and Vermont’s, and the Payment Card Industry Data Security Standard (PCI-DSS).
Paul also honorably served in the United States Air Force as a Special Agent with the Air Force Office of Special Investigations, serves on a variety of Cybersecurity Advisory Boards, and holds the following certifications: Certified Chief Information Security Officer (C|CISO), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Controls (CRISC), and Certified Incident Handler (GCIH).