What Others Have To Say

We work hard to make happy customers – read these testimonials from our satisfied partners

Testimonials

I woke up on a cold winter morning to multiple phone calls and texts letting me know that TorchLight was hard at work preventing a breach. The TorchLight team waited outside for 45 minutes starting at 3:30am in 12 degree (Fahrenheit!) weather waiting for someone on our team to arrive so they could get to work. We really appreciate their stick-to-itiveness. Any other IT shop would have turned around and gone back to their warm beds. Not TorchLight.

– Jim, CEO – Spokane Valley

“TorchLight has been more than a vendor to our multi-branch Credit Union, they are more like our partner. Our relationship with TorchLight dates back to 2007 when we were one of their very first clients who worked with them on a security assessment and gap analysis. TorchLight has worked with us ever since to help us achieve success for its employees and members through technology. They continue to strategically align with us to provide a full suite of services and have continued to deliver for almost 20 years.”

– Annettee Babb, CEO, PrimeSource Credit Union

Why TorchLight?

At TorchLight, our “why” is simple: we exist to serve our customers and protect them from the relentless threat of hackers. This mission drives everything we do, setting us apart in the Secured and Managed IT landscape.

We foster a culture of candor, transparency, service, proactive communication and a growth mindset, all aimed at supporting our clients’ needs. We seek trusted partnerships with organizations that share our values, prioritizing open dialogue and a win/win mindset.

Together, we ensure that IT security goals are not only met but exceeded, safeguarding business continuity every day. Our people are our greatest asset, unified by our mission to secure and serve our customers and frustrate the hackers.

The Way Forward – TorchLight Blog

How AI Is Making Phishing Attacks More Dangerous, More Convincing, and Harder to Spot

AI has made phishing attacks so convincing and common that credit unions can no longer rely on employee vigilance alone to stop them.
Supply-Chain Attacks: How Trusted Vendors Could Be Your Biggest Cybersecurity Threat

A compromised vendor can expose your members’ data even when your own defenses hold, which is why active third-party oversight is now a regulatory and security necessity.
The Invisible Threat of Malware-Free Attacks

Modern cyberattacks increasingly bypass antivirus entirely by exploiting legitimate tools and stolen credentials, leaving no malicious file to detect.
Browser Extensions Are the Security Gap Nobody Is Watching

Browser extensions are one of the least scrutinized kinds of software in use by an organization. They’re also one of the most dangerous.
Loyalty and Cybersecurity – The Loyalty Blind Spot

A Google engineer’s conviction for stealing AI secrets using Apple Notes exposes the dangerous assumption that employee loyalty, once earned through tenure and performance, remains permanent regardless of changing financial pressures or external recruitment offers.
NCUA’s AI Compliance Plan: What It Signals for Credit Unions (and How to Get Ahead of It)

Artificial intelligence is moving from “innovation project” to operational reality across financial services. Regulators are responding the way they always do when a technology starts touching mission critical decisions: by building governance, documenting controls, and raising expectations for transparency and accountability.
The Year Systems Broke and Why 2026 Demands Action

If you assumed your security controls were working in 2025, you weren’t alone. So did 99% of defense contractors who failed CMMC compliance. So did organizations running on AWS when a 15-hour DNS error took down their operations.
Payment Remittance Phishing Attacks Security Bulletin

Over the past several days, the TorchLight Security Operations Center has observed a rapid escalation in payment remittance phishing attacks targeting end users across multiple industries. While these phishing techniques aren’t new, the scale and frequency of this week’s activity represent a significant shift in threat actor behavior. In this post, we break down what…
What Palo Alto’s Breach Teaches About Protecting SaaS Applications

In August, Palo Alto Networks got breached. Not through their firewall. Not through phishing. Through a Salesforce integration. Over 700 organizations were affected. And their security tools never saw it coming.
Strategic Guidance – Getting The Most From Your Pen Test Report

It’s Q4 and pen test reports are piling up. Most companies scan for critical findings, patch them, and move on. But those medium and low-risk findings everyone ignores? They’re revealing where your security posture is quietly deteriorating. Gary Blosser, our vCISO and Principal Security Architect, shows you how to extract real value from every section…