Consulting Advisors
Strategic Planners
Change Agents

Consulting Advisory

Security Architecture

Cyber  |  Cloud | Continuity

Strategy | Planning

Project Management

Third-Party Assessment

Program Maturity

 ​​Vendor Supply Chain 

​CMMC - RP

CISSP (107408)

e-DISCOVERY SOFTWARE SaaS PROVIDER

• Established risk profile and security program for startup organization's SaaS offerings

• Satisfied 3rd round investors' concerns surrounding risk of cloud offering

• Educated sales & marketing team of cloud security 

​HEALTHCARE - MENTAL HEALTH

• Conducted HIPAA risk assessment and business impact analysis satisfying Meaningful Use regulatory requirements

• Developed strategic and tactical road map for risk reduction and security posture improvement

• Prepared Business Continuity and Disaster Recovery plan including Incident Response plan

STATE BOARD OF REGENTS

• Developed initial phase of incident response plan for state university and college systems

• Prepared and facilitated tabletop exercise

• Provided written evaluation of exercise with phase two recommendations

HEALTH CARE - STATE PHYSICIAN'S ASSOCIATION EMR

• Prepared RFP specification for evaluating potential providers of EMR software and infrastructure services

• Evaluated HIPPA risk and security profiles of vendors responding to RFP

• Provided comments to Association specific to vendors risk and security programs

INSURANCE CARRIER - AUTOMOTIVE & HEALTH

• Evaluated risk profile and security program creating awareness for executive leadership

• Identified opportunities for improvement and areas of concern for legal, audit, business line managers and CIO

• Satisfied investment group's cyber-risk concerns

INTERNATIONAL BANKING – ASIA PACIFIC

• Established risk profile and security program of organization and infrastructure provider establishing SaaS offering of BPO and wealth management software for international banking clients

• Satisfied regulatory requirement (Singapore Monetary Authority) and potential initial client's security requirements 

• Established management, operational, & technical policies preparing for ISO 27001:2015 certification

LAW OFFICES

• Assessed risk profile and security posture preparing the Firm to meet banking and insurance clients' regulatory requirements

• Developed key risk and performance indicators for security program

• Prepared strategies to reduce risk, improve security posture

• Established system security plan and business continuity / disaster recovery plan

LOGISTICAL TRANSPORTATION - AIR AND LAND PACKAGE DELIIVERY

• Developed risk and security framework for evaluating  domestic and international vendor partners

• Evaluated risk profiles and security programs of vendors and 3rd-party companies providing BPO services

• Provided executive briefing for board and leaders needing to evaluate and approve vendor contracts

MANUFACTURER AND SUPPLY CHAIN FULFILLMENT

• Led organization’s security initiative for FISMA/FIBS self-certification to achieve DOD sub-contractor status

• Developed system security plan establishing key performance indicators for improving program maturity

• Established business continuity / disaster recovery plan

RETAIL - NATIONWIDE CASUAL DINING

• Evaluated risk profile and security program establishing risk and performance indicators for executive leadership

• Conducted current and desired state analysis identifying opportunities to improve risk and security maturity

• Prepared gap analysis and risk road map including multi-year budgets

RETAIL - GLOBAL FAST FOOD

• Established security program framework to meet newly enacted state legislation providing "safe harbor" from class action lawsuits

• Evaluated security program maturity for new framework

• Established strategic road map including budgets spanning two year cycle

Frank and Rob are very professional and knowledgeable in the areas of risk, cyber-security, and business continuity. Both were committed to the assessment and develop of our programs and willingly provided the time needed to assist us through the process.

Frank has proven knowledge of technology and security. He has helped me and many others understand the risks and obligations of technology in relationship to the regulatory compliance and legal mitigation.

I’ve have found Frank to be a professional individual with considerable knowledge of information security. When I’ve referred clients to him, I comfortable knowing that he will keep my best interest at heart. I am glad to call him a business partner and a friend.

Frank Platt, CMMC - RP, CISSP

Frank is a consulting professional with 20+ years of client focused experience in risk management, cyber / information security and over 30 years in information technology design and project management for healthcare, manufacturing, banking, legal, transportation, sporting and stadium facilities, retail, K-12 and higher education.

​

Today he assist corporate leaders address cyber-defense and information security by developing sustainable and measurable programs for  assessing, developing, and implementing risk management and security programs.

​

Frank is a  CMMC Registered Professional, CISSP,  a Senior Member of the Information Systems Security Association (ISSA) and currently serves on the board of ISACA Middle Tennessee.

Rob Preininger, CBCP, an Alliance Member, is a business expert with 17+ years of experience helping companies protect their personnel, operations, communications and data assets.

Rob is a Certified Business Continuity Professional (CBCP) trained by the Disaster Recovery Institute (DRI) International. He has nearly a decade of experience in business continuity planning, and has served on the board of directors for the Middle Tennessee Chapter of the Association of Contingency Planners. Rob is committed to building resilient businesses through business continuity and information security programs that better protect people, data and operations.

As a consultant with InfoSec Alliance, Rob’s background includes strong expertise as a consultant, analyst and project manager.