Technology

Article Dean Dorton

Outsourced/Co-sourced IT Internal Audit Solutions

Addressing external or internal compliance requirements is nothing new to public companies, but the requirements are changing at a swift pace. Whether you are looking to accelerate the establishment of an internal IT audit function or realize cost savings by moving to an outsourced model, Dean Dorton can provide your organization with a complete outsourced solution to see rapid results. Many organizations large enough to have an internal audit department are often not large enough to employ full-time IT audit resources—we can fill your need for the IT internal audit function. The breadth and depth of our skilled IT internal audit professionals makes your business more efficient, ensures objectivity, and allows you to focus on your core functions.

Consider these questions:

  • Are you having difficulty finding Internal IT Audit talent?
  • Are you struggling to stay educated on various IT compliance requirements?
  • Are there key IT controls that should be tested regularly but aren’t?
  • Are you relying on an external audit firm to perform testing of IT controls?
  • Have you identified areas of concern regarding your IT controls?
  • Have there been, or will there be, significant changes to systems and/or processes?

If you answered “Yes” to any of these questions, Dean Dorton’s team of IT Audit and Compliance professionals can add value to your organization through our outsourced/co-sourced internal IT audit solutions.

Our Methodology

1. Determine Approach and Scope

We will conduct interviews with management and the Audit Committee to assess the scope of the internal audit plan and how our testing should be performed to best benefit your organization. Our previous internal audit experiences will help drive the questions and provide focus for the internal audit plan.

2. Develop Work Programs

We will develop work programs. The work programs will be consistent with your needs or any regulatory compliance and will also include key dates and reporting requirements. The work programs will list out the objectives and steps to be performed.

3. Perform Audit

We form a best-in-class team to meet the audit needs and work with you to create a schedule that fits your desired timeline. We work very hard to maintain continuity of the engagement team to enhance efficiencies of the work. We use a collaborative, online project management tool to actively manage, share status updates and communicate throughout the project.

4. Reporting to Audit Committee and Management

At the completion of our testing we provide a draft report to management for its review. The report includes the objectives, findings, and recommendations of the project. If appropriate, management will have a chance to respond to any recommendations prior to the report’s submission to the Audit Committee.

Learn More

Article Dean Dorton


Assessing your business to be ready for a comeback.

I don’t want to be the guy who is always trying to make lemonade when life throws a lemon. I also do not want to minimize the severity of the COVID-19 pandemic. However, I do have to point out that the COVID-19 pandemic presents many businesses a unique opportunity to restart in a stronger position than they were in prior to the pandemic. The business environment that will exist once the effects of COVID-19 are diminished and social restrictions are lifted may be different from what you were accustomed to. Businesses need to start preparing to capitalize on new opportunities to grow and strengthen their operations. Businesses that have the self-awareness, proper team, and clear focus can position themselves to thrive as the world finds a new normal. Here are ten ideas to make your business better.

10 Ways to Make Your Business Better PDF
1. Be honest about your business strategic strengths and weaknesses

Where does your business thrive? In what areas should your business deliver world class / best-in-class service? Where is your business only average, or below average? Were staple revenue streams showing some signs of decline?  What pain points have you felt for years but have never dealt with (those will still be there post-pandemic)? Are there additional revenue streams, products/services that need to become a focal point? Is your overall business being handicapped by under performing segments? If operations have been idled due to the pandemic, consider the possibility that some segments of your operations should be closed indefinitely. Businesses should use this economic slowdown to understand the points of leverage they have over their competitors and those that will be differentiators post-pandemic.

2. Understand the business environment and what has changed

The post-pandemic business environment may look very different from the pre-pandemic business environment. The world made a very rapid adjustment to social distancing. Millions of workers have been logged into their workspace from home for weeks now, many for the first time ever, and many are surprised to find they like it. Flights have been grounded forcing the sales-force and consultants to interact with their clients and teams virtually. The one-on-one interaction that many businesses were accustomed to has been replaced by telecommuting. Businesses may find that they no longer need the corporate office space that was once idolized, nor do they need the robust retail space to serve customers that have grown even more accustomed to online retail.

Businesses reliant upon gathering of individuals (hospitality, entertainment, travel, food service, sports to name a few) need to be aware that social distancing has forced customers into their homes for significant amounts of time, with limited trips of any kind, and an inward focus on natural community to meet many needs. Also, the realization that many basic goods and services can be met online (think telehealth, religious services from the family living room, Google Classroom and food delivery) has fostered a consumer “cocooning” effect. Consumers have accepted being restricted to their home. Also, expected post-pandemic health anxiety (avoidance of handshaking, large groups, unnecessary business travel), as seen in post-pandemic China, further adds complexity to the consumer environment businesses will face.

3. Understand your opportunities – customers/services

After doing a thorough analysis of your business (pre-pandemic) and giving consideration towards what the post-pandemic business environment will look like, businesses need to carefully examine their opportunities. How can they re-engage with both existing and new customers? Businesses seeking to enhance their value and market share need to align their obtainable strengths (the differentiators that set them apart from competitors) with the opportunities that will be in high demand post-pandemic. Understanding opportunities in the post-pandemic economic may mean:

  • Shifting from physical presence to an online retail presence
  • Reassigning team members to emphasize new or different services or products
  • Recruiting people to the business with skill sets that have never been required
  • New strategic alliances to protect the supply chain, secure access to capital
  • A marketing shift to create a new public persona

Businesses must also consider that the economy may re-open in stages. Each stage may have its own opportunities and life cycle. Businesses must consider its timing as it pursues post-pandemic opportunities and plan accordingly.

4. Know your team

Most businesses are only as good as the team they employ. To maximize identified strengths or potential strengths, to navigate the post-pandemic business environment and to capitalize on upcoming opportunities businesses must have a strong cadre of team members to support the mission. Businesses must identify the key roles that will be crucial for their success, identify the skills required for those roles, and do an inventory of their organizational structure to identify any roles or skills that are lacking. Businesses also need to consider opportunities to shift pre-pandemic responsibilities between team members to capitalize on under-utilized skills or abilities. Businesses may need to consider outsourcing non-essential activities such as accounting, human resources, and marketing to free internal resources and gain access to external resources. Lastly, businesses need to consider their succession plan.  Do you have a plan in place to transition key roles and responsibilities if needed? Is your business protected from the unexpected loss of a key team member?

5. Know your needs – Evaluate your supply chain

Consumers have benefited from the global economy since the Reagan presidency. The global economy brought global supply chains which emphasized efficiency above all else. The COVID-19 pandemic has revealed the risks assumed by over dependence on global supply chains. Businesses will likely reconsider the emphasis on efficiency and explore options for supply chain reliability and control through domestic options. This may lead to re-shoring of international manufacturing as losses in the short term are outweighed by the risk of efficiency. This creates opportunities for local industries that have been impacted by the import economy but will require businesses reliant on international suppliers to manage costs and supply chain relationships.

6. Know your community – Key relationships

To be stronger in the post-pandemic economy, businesses need to identify those external relationships that will be key in helping the business succeed. This includes financing relationships, key stakeholders, significant vendors, legal counsel, tax/accounting, human resources, real estate and on and on. Businesses should be proactive in communicating any strategic initiatives with its key relationships to ensure alignment. This may include replacing some relationships with new participants, adding new types of relationships, and having difficult conversations with a relationship that needs to bring more value.

7. Prioritize your marketing plan

Most business’ marketing and sales funnels have been smudged, if not erased. Marketing efforts will need to be rebooted. Businesses should not assume customers will automatically return. Businesses should not assume prospective customers are exactly where they were in the sales cycle pre-pandemic.  Marketing efforts need to be tailored to a new business landscape sensitive to an economy that has been quarantined for many weeks. In some cases, businesses will need to work to re-build awareness of its services and products, especially new services or products. As always, the timing of the marketing strategy will be essential.

8. Plan for next time

The medical community has identified an unsettling trend. From 1900 to 2000, the World Health Organization identified 4 pandemics (including AIDS/HIV, which is ongoing). Since 2002, the World Health Organization has identified 5 pandemics (excluding AIDS/HIV, including COVID-19 which is ongoing). Businesses need to be prepared for future situations such as the COVID-19 pandemic. Factors to consider when building such a contingency plan:

  • Team member safety
  • Access to cash or capital
  • Continuity of services
  • Communication protocols
  • Inventory / supply stockpile
  • IT infrastructure integrity/security
  • Data availability

9. Establish the vision for what the business will be

It may be hard to see beyond the imminent threat of the COVID-19 pandemic, but successful businesses see beyond the dark horizon and envision what can become in the long term. This vision will serve as a guiding star as short and mid-term challenges are navigated. The world is changing more rapidly than it ever has. Future growth and opportunities come from seeds that are planted today. All business analogies ultimately point towards Apple, so consider Apple 20 years ago. The dotcom bubble was crashing and the Apple computer business was failing. While the traditional Apple business was in a pinch, the leadership of Apple was envisioning the iPod and iPhone, which would go on to alter life as we know. If you struggle to cast a vision for your business, start with a perspective of gratitude for the fact that your business is surviving and build your vision from there.

10. Communicate… then communicate some more

If a mighty tree falls in the woods with no one to hear, does it make a sound? I have no idea. I do know that a business with a great plan but a failure to communicate it effectively has set itself up for loss. As businesses build their plan and formalize their identity for the post-pandemic era, they must communicate effectively. Key team members and strategic partners must understand your business’ intentions. Short, mid and long-term plans need to be communicated to provide guidance in the day-to-day and to provide stability over the mid and long-term time frames. Communicate how business is going to be different going forward. Communicate new cultural guardrails and expectations. Empathize with team members as they adjust to a new normal but be rational about the facts of the situation and the opportunities ahead. Instill confidence in team members by letting them be part of the long-term plan.

These are indeed interesting times, but these are times that businesses can use to add value to their future operations. Businesses that engage the new environment, are sensitive to their current and future customer needs, and that can be agile enough to deal with the challenges the restart will bring should be positioned for long term success.

We would be thrilled to talk to you about your business. If you would like to brainstorm more about how to strengthen your business for a successful post-pandemic relaunch, please contact Justin Hubbard at jhubbard@deandortonstg.wpenginepowered.com.

Article Dean Dorton

You’ve heard the standard tips and tricks of how to stay positive and productive when working from home- Keep a routine, make sure you’re active, get some fresh air, etc., but apart from the basics, how do you ensure you have the right technology tools to support you through this “new normal” we are facing?

With so much fear, uncertainty, and angst taking over our communities and daily lives, it’s hard to feel in control of both personal routines and business processes. Without a doubt, we are living in unprecedented times – add in the shelter in place orders, stir up of economic turmoil, and trying to work remotely – and you’re up for a challenge.

Businesses are being forced to shift their operations and focus on a digital and virtual business model. Don’t let technology disruptions stall your organization’s success– with Dean Dorton Technology, you can make your remote situation more stress-free and efficient with these top five tools from our diverse technology stack:

1. VoIP Systems: No phone technician, no problem! With our Voice-over IP (VoIP), your telephone system can be completely centralized to make communication with colleagues, customers, and prospects, more manageable and smoother. VoIP is not limited to local connections, so you can make or receive calls from anywhere. A few benefits of VoIP include:

  • Cost reduction from your current phone service
  • Single number reach to multiple devices and call forwarding. Office phones can be easily installed at remote employee homes
  • Soft-phones on remote PC’s or smartphones to maintain business identity and protect your employee’s private cell numbers
  • Voicemail to e-mail

2. Video Conferencing: How many times have you signed into a meeting and had to wait for someone to start sharing their screen and it didn’t work or got kicked out and had to dial-in a few times? With reliable tools like Cisco Webex, virtual collaboration has never been easier and more pain-free. You and your team can make the most out of every meeting (from the comfort of your own home!) with real-time mobility and “face-to-face” collaboration.

Yes, phone calls are great, but with all the stress around us, it’s critical to stay connected in a dynamic environment and continue maintaining personal relationships with colleagues and customers as much as possible.

3. Security Authentication: According to a security article from The Hill, researchers for cyber group Barracuda Networks found a 667 percent increase in phishing emails using the coronavirus to trick individuals into clicking links or downloading attachments that included computer viruses.

Don’t fall victim to ransomware and malicious encrypted messages- Dean Dorton has tools such as Okta, Duo, Crowdstrike, Cisco Umbrella, and many others to help ensure secure your user accounts and end-point devices are secure.

4. Cloud Accounting: Financial management is posing as a big challenge for some organizations that use on-premise solutions or have to maintain their servers onsite. With Dean Dorton’s premier cloud accounting solutions like Sage Intacct or Microsoft Dynamics 365 Business Central, you can access your financial and operational data from anywhere at any time, with the security of the cloud.

Accelerate your cash flow! With our cloud accounting solutions, go paperless with automated accounts receivable and accounts payable processes. This allows your finance team to avoid handling paper invoices and transactions, mitigating the risk for errors. You can also manage ACH payments quickly, letting you get paid faster and pay vendors faster during these trying times.

5. Team Collaboration: Apart from video conferencing, Dean Dorton’s team collaboration tools can make communication stronger and increase team productivity. With technology like Webex teams and file sharing, your entire organization and teams can chat in real-time and continuously be on the same page.

Overall, we don’t know how long this “work from home world” will last, but whether it’s three more weeks, one month, or six months or more, it is critical that your business is prepared to adapt and respond to unique scenarios like this. We also don’t know how many of our team members will want/expect to work from home permanently. Now is the perfect time to assess what technology you need for the current situation, but also plan for other “disaster scenarios” that could come in the future– will you be prepared to tackle those?

Don’t let technology disruptions get the best of your business. All in all, keep calm and carry on- and let Dean Dorton take the stress away when it comes to doing “all things digital.”

View all of Dean Dorton’s Remote Work Tools

Article Dean Dorton

For small businesses, the result of a cyber incident can be disastrous. While larger organizations and enterprises may be able to absorb the monetary costs and reputational damage that is caused by a cyber incident, most smaller businesses are unable.

“The National Cyber Security Alliance has recently released statistics that show 20% of small businesses experience such an attack every year, and that 60% of these businesses were forced to close within six months of being hacked.”1

Cybersecurity risks are constantly evolving as organizations adopt new technology (such as cloud services) and cyber criminals adopt new tactics, techniques, and procedures (TTPs). The construction industry doesn’t have the same regulatory and compliance requirements pertaining to cybersecurity that other industries—such as the financial and healthcare sectors—have, yet they face the same threats. For this reason, it is imperative for the construction industry to focus on cybersecurity risks to avoid becoming the next victim of cybercrime.

How a Cybersecurity Attack Can Impact Construction Companies

Today, construction companies transmit and store the kinds of sensitive data that cyber criminals target most. Employee and project information, contracts, financial data, and planning tools are all at risk — yet the industry remains behind the curve in bolstering cyber security measures compared to other industries. 

What’s more, the move to an increasingly remote workforce with more devices in play has exposed gaps in networks that cyber criminals are all too happy to exploit. And as the industry continues to embrace the Internet of Things (IoT) and leverage artificial intelligence technologies, their potential attack surface also continues to expand.

Cyber criminals most often seek financial gain from an attack via ransomware. But there are additional, deeper impacts of a cyber attack as well:

  • Down time: Deadlines aren’t made to be broken. An interruption in business due to a technology disruption can cost a company days or even weeks it can’t afford in reduced or even lost productivity.
  • Breach of project IP: Loss of privileged contracts, proprietary designs, schematics, and confidential blueprints can not only lead to huge financial losses. It could also result in irreparable damage to reputation.
  • Loss of bid information: Forfeiting leverage in the upfront process can result in losing competitive advantage, as well as the job itself.
  • Equipment damage: It’s a concern for equipment off and on site. Servers, devices, and key computing hardware are costly to repair or replace. And compromised on-site equipment can lead to significant physical damage to nearby structures and the equipment itself.
  • Workforce injuries: Protecting the most valuable asset is paramount. A security breach or system failure that allows autonomous equipment to be compromised puts the safety of workers — and civilians — at significant risk.  

There are many ways that cybercriminals (also known as threat actors) can compromise confidential information in an organization. Below, we’ll address three of the most common vectors for a successful cyber attack.

Common Cybersecurity Threats for Construction Companies:

Spear Phishing

One of the most common techniques, “spear phishing is an email targeted at a specific individual or department within an organization that appears to be from a trusted source. It’s actually cybercriminals attempting to steal confidential information. A whopping 91% of cyberattacks and the resulting data breach begin with a spear phishing email, according to research from security software firm Trend Micro. This conclusively shows that users really are the weak link in IT security.”2

Often, threat actors will employ the use of malicious file attachments when conducting these types of attacks. “There are many options for the attachment such as Microsoft Office documents, executables, PDFs, or archived files. Upon opening the attachment (and potentially clicking past protections), the adversary’s payload exploits a vulnerability or directly executes on the user’s system. The text of the spear phishing email usually tries to give a plausible reason to open the file, and may explain how to bypass system protections in order to do so. The email may also contain instructions on how to decrypt an attachment, such as a zip file password, in order to evade email boundary defenses. Adversaries frequently manipulate file extensions and icons in order to make attached executables appear to be document files, or files exploiting one application appear to be a file for a different one.”3

Password Spraying

This technique “uses one password (e.g. Password01), or a small list of passwords, that matches the complexity policy of the domain and may be a commonly used password. Logins are attempted with that password and many different accounts on a network to avoid account lockouts that would normally occur when brute forcing a single account with many passwords.” For instance, from September 2018 through February 2019, Proofpoint conducted a six-month study that analyzed over 100,000 unauthorized logins across millions of monitored cloud user-accounts.”4

“The company found that 60% of Microsoft Office 365 and G Suite tenants were targeted with IMAP-based password-spraying attacks, while 25 percent were successfully breached in this manner. Proofpoint noted that the number of IMAP-based password-spraying attacks jumped up following the December 2018 publishing of the Collection #1 data dump that exposed nearly 773 million unique emails and 21 million unique passwords.”5

Exploiting Vulnerabilities in Unpatched Software

“Earlier this year, the National Security Agency urged organizations to ensure that they are using patched and updated systems in the face of growing threats. The vulnerability is present in Windows 7, Windows XP, Server 2003 and 2008, and although Microsoft has issued a patch, potentially millions of machines are still vulnerable.”6

How Construction Companies Can Mitigate Cybersecurity Risks

Dean Dorton recommends that organizations consider the following to identify their risks and enhance their cybersecurity preparedness:

  • Identify where your valuable information is stored (on your internal network and the cloud)
  • Develop policies, procedures, and standards pertaining to cybersecurity
  • Adopt a cybersecurity control framework
  • Develop a cybersecurity incident response plan
  • Secure your backups; also, test your backups to ensure they work correctly upon use
  • Disable legacy authentication protocols (such as IMAP)
  • Enforce two-factor authentication (2FA), also referred to as multi-factor authentication (MFA)
  • Update and patch your computers. Vulnerable operating systems and third-party applications are often targeted by threat actors. You should ensure that your operating systems and third-party applications are updated with the latest updates.
  • Train your organization. “Organizations should ensure that they provide cybersecurity awareness training to their personnel. Ideally, organizations will have regular, mandatory cybersecurity awareness training sessions to ensure their personnel are informed about current cybersecurity threats and threat actor techniques. To improve workforce awareness, organizations can test their personnel with phishing assessments that simulate real-world phishing emails.”7
  • Perform regular cybersecurity assessment and penetration tests against the network—no less than once a year. Ideally, run these as often as possible and practical. Dean Dorton can perform these tests for you.

Dean Dorton’s Information Security Office (ISO) provides a team of experienced information security professionals who can augment your organization’s information security team or take the lead in designing, implementing, and maintaining a strong information security program on your behalf.

1https://www.csoonline.com/article/3437777/how-a-small-business-should-respond-to-a-hack.html
2https://www.knowbe4.com/spear-phishing/
3https://attack.mitre.org/techniques/T1193/
4https://attack.mitre.org/techniques/T1110/
5https://www.scmagazine.com/home/security-news/password-spraying-attacks-abuse-imap-to-break-into-targets-cloud-accounts/
6 https://www.nsa.gov/News-Features/News-Stories/Article-View/Article/1865726/nsa-cybersecurity-advisory-patch-remote-desktop-services-on-legacy-versions-of/
7 https://www.us-cert.gov/ncas/tips/ST19-001

Article Dean Dorton

What does a compliant, secure business look like? The reality is that a compliant, secure business is going to look different based on industry, size of business, type of regulatory environment the organization operates in, and the organization’s risk appetite.

Each organization has the ability to lay the groundwork for future compliance and security. Simple steps facilitate the building of the desired culture. These include:

  • Development of a defined organizational chart.
  • Written policies and procedures for key processes and controls to facilitate consistency and continuity.
  • Routinely educating staff and leadership on the current regulatory environment for your industry.
  • Identifying the key risks to the organization’s continuity and business model.
  • Defining the organization’s risk appetite by specifying what level of risk is acceptable and what level of risk is too high.
  • Defining the information technology environment in which the organization will operate.
  • Identifying disrupters which may materially impact the operational effectiveness of the organization.

Each of the above elements become part of the whole picture of the organization, and are the foundation upon which a compliant organization should be built.

One area which many organizations fail to consider when establishing the above building blocks are the cyber risks to the organization. As technology becomes more prevalent across all industries, and networked devices become the norm, there is an increased risk of cyber incidents.

As noted in the 2018 IBM/Ponemon Cost of Data Breach report, the average cost of a data breach in the U.S. is $7.91 million, but can vary widely depending on the industry in which you operate. As an example, the cost of a single breached healthcare record is at its highest point ever – $408 per record. The cost includes items such as legal fees, incident response, notification costs, loss of reputation, loss of business, remediation costs, etc.

The reputational harm; harm to your clients or customers and other distractions caused by a cybersecurity incident, can devastate the operations of any organization. Cybersecurity is about maintaining the confidentiality of sensitive information, whether that be healthcare data, manufacturing trade secrets, student, or donor data.  Cybersecurity is not just about confidentiality, it is also about maintaining the integrity of your information and maintaining system operations.

Looking to learn more?

Join us for our annual Board Oversight and Risk Management seminar on Wednesday, October 3, 2018 at the Olmsted in Louisville, Kentucky. During the seminar, you will gain a firm grasp of common financial and operational risks that companies and nonprofit organizations are confronted with daily. You’ll learn what you need to do, beyond insuring against the risks, to properly identify and navigate the most serious risks threatening you and your organization. This seminar is ideal for executive nonprofit and private company board members, corporate executives, senior compliance and risk officers, and in-house counsel.

Register Today

For more information on how to build a compliant business, while integrating cyber security and fraud considerations, contact Shawn Stevison or Gui Cozzi at 502-589-6050.

As originally featured in Louisville’s Business First

Article Dean Dorton

As enterprise cybersecurity awareness continues to evolve, so do the layers of protection any business or nonprofit organization needs to have in order to protect themselves. From user awareness training to vendor management, Dean Dorton Technology’s new cybersecurity team helps clients regularly diagnose, manage and mitigate their cybersecurity risks.

Dean Dorton Technology’s team provides holistic solutions that can be scaled from small nonprofit organizations to large public companies. Not sure where to start or struggling to hire and retain information security professionals? Dean Dorton Technology now has the team to provide your own outsourced Information Security Office.

Gui Cozzi joins Dean Dorton Technology with more than 20 years of experience in cybersecurity and successfully implements pragmatic and risk based security programs to meet compliance with organizations’ security requirements. Gui leads a team responsible for delivering enterprise cybersecurity services and personally specializes in information security program development, implementation, and assessment. His work is focused on positioning organizations to successfully identify and manage their information security risks.

Prior to joining Dean Dorton, Gui served in various Information Security leadership roles including implementing the Security Risk Management program for one of the nation’s largest health systems, leading teams of cybersecurity consultants, and serving as Chief Information Security Officers for organizations in various industries.

“We are thrilled to have Gui Cozzi on our team. As cyberattacks become an everyday occurrence, it is essential organizations adapt their cyber-governance programs and take proactive steps to ensure they are compliant and protected across the board,” says Jason Miller, Director of Business Consulting Services. “Many security controls and systems are behind the scenes and until they are comprised organizations may not know if they are providing the level of protection they expect and at that point too much damage has already occurred. Our Information Security Office program, led by Gui, offers peace of mind to clients that their cybersecurity programs are effective across the board.Learn More About our Cybersecurity ServicesDean Dorton Technology brings every aspect of cybersecurity programs in one place with a variety of features, products, and services that complement each other and deliver multiple, key layers of cybersecurity including:

  • Virtual Information Security Office
    • Security Risk Assessments
    • Security Policies and Procedures
    • Security Awareness Program
    • Technical Security Solutions
    • Incident Response
    • Security Reporting
  • Cybersecurity Assessment Services
    • External/Internal Security Assessments
    • Adversarial Threat Simulation (Pen testing)
    • Application Security Assessments
    • Cloud Security Reviews
    • Mobile Device Security Reviews

Beyond the technology and the platform capabilities, Dean Dorton’s cybersecurity team reviews and analyzes any testing results and assessments, effectively adding another layer of analysis (and protection) to determine the maturity of your organization’s cybersecurity program and procedures. Dean Dorton then designs, implements, and can help clients maintain their comprehensive line of security program services, tailored to clients’ needs.

“We are thrilled to have Gui Cozzi on our team. As cyberattacks become an everyday occurrence, it is essential organizations adapt their cyber-governance programs and take proactive steps to ensure they are compliant and protected across the board.”

Jason Miller, Director of Business Consulting Services