top of page


Managing Your Risks - Protecting Your Data

Service Offerings

Cyber Security and data protection services for small and medium size business and non-profits.

Executive CISO and DPO Advisory Services.

Complicated Puzzle

Security & Privacy Compliance

Assisting your business meet regulatory or industry standard requirements such as:


ISO 27001 or NIST 800-53

GDPR or U.S. State Privacy Laws.

Security & Privacy Supply Chain Management

Supporting your business ability to manage third-party vendors due diligence product review, data protection language in contracts, on-boarding, annual review process and off-boarding. 

Security & Privacy Risk Assessment

Performing a review of your business policies and technical activities based upon your business risk appetite and providing risk management options.

Business Continuity and Disaster Recovery

Aiding your business with planning and preparing for disruptive events such as pandemic, hurricane or fire to ransomware, phishing, or DDoS. 

Security & Privacy Awareness, Training and Education

Teaching security & privacy best practices to your business.  Help build a Security Awareness Program.


Act as your business Virtual or Interim CISO/DPO.  Assist your business CISO/DPO with their workload.  Mentor your key employee for the CISO/DPO role.


My name is Cheryl Carmel

I am a privacy and cybersecurity professional who advises business leaders helping them establish or improve their capabilities to protect data entrusted to them through commonsense cybersecurity principles.

I believe that building data protection and cyber security into the foundation and culture of a company is a compelling business enabler.  I take a risk-based approach to achieve the desired security posture and recognize the importance of compliance frameworks.  I have successfully navigated companies through the process to audit or certify to FedRAMP, NIST 800-53, ISO 27001, AICPA SOC 1, 2 and 3, HIPAA, PCI-DSS and Privacy Shield.

I am a Certified Information System Security Professional (CISSP) and Certified Information Privacy Technologist (CIPT).  I have many years of experience in the technology industry and have dedicated the last 15 years to corporate Information Security and Privacy. 

I have spoken at industry conferences for many years with focus on topics including improving incident response programs, creating security awareness programs, and building business continuity programs.  I am an advocate to educate consumers on digital safety.

  • Twitter
  • LinkedIn
Cheryl Carmel.jpg



Thanks for submitting!

bottom of page