
Professional Security Services Design and Test for Reliable Outcomes & Preditcable Results
vCISO Fractional Advisory Leadership services with a wide range of compliance and assessment testing and audits

TorchLight Advisory Services
Our Advisory Services provide a clear understanding of your organization’s risk and exposure to cyber attack, the level of preparedness and the impact it could have on your business.
Virtual CISO (vCISO)
A comprehensive solution focused on information security for organizations with a higher level of complexity and compliance. A fractional cost approach delivers value and execution without the long term expense to the organization.
Virtual Chief Information Officer (vCIO)
Torchlight partners with clients to guide the short term and long term development of the Information Technology function with
the business. A vCIO performs the same functions as a full time CIO, while only using a fraction of the time and leveraging our long term experience.
Interim CISO / On Demand CISO
A CISO engagement to run your security program month to month while a new CISO is recruited. On-Demand solutions provide a CISO function when required via pre-purchased block of hours the organization can utilize when required.
Self Service CISO
Access to Torchlight’s diverse set of audit, assessment and
compliance templates to utilize for your team.

Testing, Assessment and Audit Services
Be in control of policy and process. TorchLight is committed to providing a security-first consultative service, which enables alignment of technology and business goals & outcomes.
Ransomware Gap Assessment
The Ransomware Gap Assessment identifies security objectives from the NIST Cybersecurity Framework (NISTIR 8374) that supports preventing, responding and recovering from ransomware events.
Penetration Testing
TorchLight offers both internal and external penetration tests which are simulated cyber attacks against your entire network/websites/ domains to scan for exploitable vulnerabilities and security risks.
Risk Assessments
Customized assessments help clients understand potential options and strategies for managing these risk to a level that works for their business continuity. Our assessment services include HIPAA, SWIFT, GLBA, FERRPA and more.
Compliance and Audits
Our certified Auditors will work with your team to evaluate the state of your organization as it relates to all areas required by either HIPAA, FFEIC, GLBA and other requirements as needed.
Why TorchLight?
At TorchLight, our “why” is simple: we exist to serve our customers and protect them from the relentless threat of hackers. This mission drives everything we do, setting us apart in the Secured and Managed IT landscape.
We foster a culture of candor, transparency, service, proactive communication and a growth mindset, all aimed at supporting our clients’ needs. We seek trusted partnerships with organizations that share our values, prioritizing open dialogue and a win/win mindset.
Together, we ensure that IT security goals are not only met but exceeded, safeguarding business continuity every day. Our people are our greatest asset, unified by our mission to secure and serve our customers and frustrate the hackers.
The Way Forward – TorchLight Blog
-
Windows Recall: What You Need to Know — And Why It Matters
Microsoft’s upcoming Recall feature for Windows 11 Copilot+ PCs is shaping up to be one of the most talked-about developments in workplace technology this year. Designed to boost productivity by taking periodic snapshots of user activity for easy, searchable recall, the feature promises convenience — but also raises serious privacy and security concerns.
-
Strengthening Your Security Posture with EDR & ITDR
Cyber attackers aren’t just targeting networks anymore—they’re going after identities and endpoints at scale. In fact, over 80% of breaches involve compromised credentials or exploited devices. In this month’s service spotlight, we break down two critical layers of modern cyber defense—Endpoint Detection and Response (EDR) and Identity Threat Detection and Response (ITDR)—and show how they…
-
Washington State Expands Sales Tax to IT Services
A new Washington State law—Senate Bill 5814—goes into effect on October 1, 2025, and it will significantly impact customers located in Washington who receive IT, digital, and tech-related services. This change will apply regardless of where the service provider is located, and may affect how your organization is billed by vendors like MSSPs, cloud providers,…