Professional Security Services Design and Test for Reliable Outcomes & Predictable Results
vCISO Fractional Advisory Leadership services with a wide range of compliance and assessment testing and audits
TorchLight Advisory Services
Our Advisory Services provide a clear understanding of your organization’s risk and exposure to cyber attack, the level of preparedness and the impact it could have on your business.
Virtual CISO (vCISO)
A comprehensive solution focused on information security for organizations with a higher level of complexity and compliance. A fractional cost approach delivers value and execution without the long term expense to the organization.
Virtual Chief Information Officer (vCIO)
Torchlight partners with clients to guide the short term and long term development of the Information Technology function with the business. A vCIO performs the same functions as a full time CIO, while only using a fraction of the time and leveraging our long term experience.
Interim CISO / On Demand CISO
A CISO engagement to run your security program month to month while a new CISO is recruited. On-Demand solutions provide a CISO function via a pre-purchased block of hours the organization can utilize when required.
Self Service CISO
Access to Torchlight’s diverse set of audit, assessment and compliance templates to utilize for your team.
Testing, Assessment and Audit Services
Be in control of policy and process. TorchLight is committed to providing a security-first consultative service, which enables alignment of technology and business goals & outcomes.
Ransomware Gap Assessment
The Ransomware Gap Assessment identifies security objectives from the NIST Cybersecurity Framework (NISTIR 8374) that support preventing, responding to and recovering from ransomware events.
Penetration Testing
TorchLight offers both internal and external penetration tests, which are simulated cyber attacks against your entire network/websites/domains to scan for exploitable vulnerabilities and security risks.
Risk Assessments
Customized assessments help clients understand potential options and strategies for managing these risks to a level that works for their business continuity. Our assessment services include HIPAA, SWIFT, GLBA, FERPA and more.
Compliance and Audits
Our certified Auditors will work with your team to evaluate the state of your organization as it relates to all areas required by HIPAA, FFIEC, GLBA and other requirements as needed.
Why TorchLight?
At TorchLight, our “why” is simple: we exist to serve our customers and protect them from the relentless threat of hackers. This mission drives everything we do, setting us apart in the Secured and Managed IT landscape.
We foster a culture of candor, transparency, service, proactive communication and a growth mindset, all aimed at supporting our clients’ needs. We seek trusted partnerships with organizations that share our values, prioritizing open dialogue and a win/win mindset.
Together, we ensure that IT security goals are not only met but exceeded, safeguarding business continuity every day. Our people are our greatest asset, unified by our mission to secure and serve our customers and frustrate the hackers.
The Way Forward – TorchLight Blog
Microsoft Teams Phishing Attacks
TorchLight Security Operations Center continues to hear about Microsoft Teams as the vector for social engineering, phishing and spearphishing attempts by hackers. Given the volume of noise, we thought we’d publish what we know and how to defend against these attacks.
New Mac Vulnerability – Banshee MacOS Stealer
Our security operations center was notified of a new and novel bug that can affect all Macs. Titled “Banshee MacOS Stealer”, this first came on the scene in mid-2024 as a “malware as a service” exploit.
NIST Cybersecurity Framework 2.0 – Considerations for Small to Medium Sized Businesses
The NIST Cybersecurity Framework is a methodology designed to simplify the process of planning, implementing, managing and responding to threats from a holistic point of view in the Information Technology Delivery and Security space. It is specifically designed for organizations that have little or no cybersecurity planning, processes or responses to emerging threats.