is your company vulnerable to cyber security attacks?

  • Are you concerned about cyber security?
  • Can you be held negligent or liable if you or someone you are connected to suffers a breach?
  • Are you compliant?
  • Have customers or potential customers asked you how secure you are?
  • If you found out tomorrow you were breached would you know what to do? Who to call? Can you protect your reputation?

cyber security

it's a growing business

The average cost of a SMB data breach is now $117,000 per incident, according to a large study of data breach costs at small to medium sized businesses.
"60 Percent of Small Businesses Fold Within 6 Months of a Cyber Attack."
About Us


CSI’s mission is to provide real and actionable solutions by industry professionals who are experts in their fields. We provide the tools, techniques and advice for designing a successful, integrated security system that anticipates future issues. We want our customers to understand that vulnerabilities of the past should not compromise the networks of the future.

our services

let us help ease your mind


We provide vulnerability and penetration testing for your wired and wireless networks in accordance with PCI DSS, GLBA, NCUA, HIPAA compliance assessments.


With a focus on the OWASP secuirty testing standards, web and mobile application penetration testing uses non-disruptive techniques to identify weaknesses in your app code and database layers which could be exploited during an attack.


We view compliance as an opportunity to help make your business more prepared and to lower the risk of a cyber-incident/breach, reduce and/or eliminate the liability associated with loss or theft of information, and protect their reputation, through risk identification, assessment.


We will assess your organization’s information security posture in key areas such as policies and procedures, training, personnel security, access control, patch management, network security, data protection, etc. These findings are then analyzed to identify and highlight areas in need of improvement.


We prioritize activities based on risk severity, associated cost of the solution, and ease of implementation. As remediation efforts are budgeted and planned for, we assist in the execution of your remediation roadmap with consulting and staff augmentation.


We assist in creating security awareness programs that increase your employee’s vigilance towards identifying social engineering threats with a focus on understanding considerations unique to your organization’s industry sector and culture.


When your network or website is compromised, prompt action is necessary to effectively contain and recover from the incident. Our consultants are experienced in countering the unpredictable and urgent nature of these events. We have the tools that your organization needs to successfully mitigate breach damages


Electronic data is created by each of us every day, and it captures our best and worst moments. A phone can tell us where people have been. It can tell us where they have not been. It can tell us who they have been talking to, emailing, or texting. Perhaps, your business is facing an employment dispute, a personal injury case, or other legal situation. Our digital forensics services can provide your organization with a source of significant evidence.

See how this University case study identified the risk and effect of a cyber crime.

The effect of a cybercrime

The effect of a cybercrime

Identifiable intangible assets

  • Loss of intellectual property
  • Loss of personal and/or sensitive data
  • Damage to a company brand and/or reputation


  • Cost of countermeasures and insurance
  • Cost of mitigation strategies
  • Cost of recovery from cyber attacks
Information Security & Physical Property

Information Security & Physical Property

Information Security


  • Personal data for students, alumni, parents
  • Financial assistance
    • Credit / Banking
    • SSN
    • Tax / income statements
      Medical records
  • Sponsorship data / Student grades

Point-of-Sale data
Intellectual property / cutting-edge research

Physical Property

  • R&D
  • University Property
Exploit the Camera for malicious activities

Exploit the Camera for malicious activities

  • Remotely gain root access to the camera, potentially gaining access to the rest of the network
  • Spoofing the DNS server addresses specified in the camera's settings
  • Stealing credentials from camera users
  • Hijack devices using just the IP address and without previous access to the camera or its login credentials
  • Launch a distributed denial-of-service (DDoS)
    • Does the Mirai botnet sound familiar?
Exploit the Camera for control

Exploit the Camera for control

  • Access to live / recorded video and audio feeds
  • Execute remote commands against the camera
  • Gain access to the video stream
  • Ability to freeze streaming
  • Control the camera lens motion
  • Alter the software of the camera
  • Simply rendering the camera entirely useless, leaving the premise at risk
  • Add the botnet to the camera(s)


Threat to Assets:

  • DDoS
  • Video tampering
  • Network penetration

Vulnerabilities present in the environment:

  • Technological Obsolescence
  • Out-of-date software / firmware
  • Poor configuration

Evidence of vulnerabilities:

  • Older devices that cannot be patched
  • Default PW on devices
  • Sporadic encryption

Risk summary:

  • Potential exploit of known
  • Hijacking of camera (streaming,
    recording, audio, visual clarity)
  • Network penetration into information systems


• Security Professional (CISSP)
• ​​​​Certified Ethical Hacker
• Certified Incident Handler
• Certified Hacking Forensic Investigator
• DHS: Information Security Certified

Alarm System

Strategic Partners


Can you claim you have implemented “Reasonable Security?”

Can your company be breached by hackers? Could you have prevented that breach? If you suffer a breach what are the ramifications: Potential class-action lawsuit or an investigation and fines by a regulatory agency? Assuming you can’t prevent the breach, 1 can you avoid lawsuits by disgruntled customers or investigations by a State Attorney General (AG), the FTC, SEC, HHS, PCI (Purchase Card Industry), etc.? Prevent, probably not, but successfully defend; most likely! The common factor in most of data breach class-action lawsuits as well as investigations by regulatory agencies is the allegation that the breached company failed to implement “reasonable security or protections” to prevent the breach. Logically then, if you implement “reasonable security and protections” you should be able to confidently defend your security practices and actions.

David Willson

CISSP (Certified Information System Security Professional)

How Can We Help?