As 2024 draws to a close, we at Seiso are excited to share the milestones and achievements that have defined our year. From strategic expansions to thought leadership in cybersecurity, our commitment to excellence and innovation has only been strengthened.
From the Desk of the COO
It is that time of year- the task is upon us yet again to start thinking about the goals we want to achieve in 2025, and beyond. This is also the time of year where we focus on wrapping up our 2024 goals and look back on how we accomplished said goals. Don’t be too hard on yourself if you did not achieve everything you wanted to or focused on other things that were thrown your way. A main aspect about goal setting that we sometimes forget is that continuous improvement and the pursuit of achievement is an ongoing practice; not an end state.
Looking ahead, it is important to set goals that align with our values, both professionally and personally. In cybersecurity, that means prioritizing actions that not only strengthen defenses but also promote a healthy work-life balance. The ongoing threats we face everyday can be overwhelming. Focusing on what truly matters-protecting our people-can bring purpose and clarity to our efforts. Remember, our work is about more than just keeping systems secure; it’s about creating a safer digital world for everyone.
Here’s to a year of resilience, growth, and making a difference in the world of cybersecurity. See you in the New Year.
Eric Lansbery, COO
Expanded Offerings and Customer Innovations
Our entire Seiso team has been working hard to deliver on customer initiatives, helping to simplify the sometimes overly complex nature of protecting what matters most – people. The people behind the operations, the products, the departments of any organization know that without the support of cybersecurity, the very livelihood of their products (and their businesses) are at risk.
Cyber Resilience Strategy & Business Continuity
In 2024, we broadened our service offerings by integrating full-service crisis management and communication capabilities. The addition of internationally recognized experts Dianne Chase and Cynthia Cavendish-Carey has enabled us to provide comprehensive support across various risk scenarios, including emergency succession, financial, employee, and legal issues.
Bad actors are launching sophisticated cyberattacks against mid-sized organizations with alarming regularity and these attacks destabilize business operations for days, weeks, or even longer.
Seiso’s Cyber Resilience Strategy & Business Continuity solutions help you minimize interruptions and reduce reputational and financial risks with a tailored approach to preparedness, response, and recovery.
vGRC: A Flexible Approach to Accelerate Compliance for Lean Teams
In 2024, Seiso launched vGRC, a tailored GRC as a service solution to help organizations manage governance, risk, and compliance with lean, efficient teams.
We launched vGRC in response to a common challenge in security management: without ongoing oversight, even remediated risks can resurface, and security effectiveness can degrade over time.
With Seiso’s vGRC Managed Services, your security program stays effective, audit-ready, and resilient. We deliver continuous governance, risk, and compliance management through strategically selected activities, customized to your organization’s unique needs and operational cadence.
The result? A security program that doesn’t just meet today’s challenges but evolves to meet tomorrow’s, ensuring risks remain under control and your organization is always prepared.
CyberSecure Strategy Blueprint
The CyberSecure Strategy Blueprint is a tailored solution to help your organization build a robust cybersecurity strategy aligned with the most demanding and unique risk landscapes and regulatory requirements. Through a systematic planning methodology, we deliver a comprehensive, actionable roadmap to guide your security program from where you are now to where you need to be.
This service is ideal for organizations that are:
- Building a New Security Program: Just getting started with cybersecurity or compliance initiatives.
- Seeking Strategic Direction: Looking for expert guidance to align security efforts with business priorities.
- Facing Complex Compliance Needs: Navigating multiple standards or regulations like ISO 27001, SOC 2, or CMMC.
- Focused on Long-term Maturity: Ready to shift from reactive security to a proactive, strategic approach.
Chart your path to a stronger, more resilient cybersecurity program with Seiso’s CyberSecure Strategy Blueprint.
Snapshot Assessment
Do you need to know quickly where to begin closing gaps? We created a free snapshot assessment to provide a fast and clear path to understanding your security posture compared to industry benchmarks and best practices.
Get an actionable report with a risk-based ranking to immediately address critical security issues and align your security objectives and investments with your business strategy, to inform a more proactive and effective security program design.
Request your free snapshot assessment here.
New Custom GPT
Seiso’s CTO Jon Zeolla has developed an AI-driven threat modeling custom GPT that’s ready to change the way we approach managing risks.
This tool is a game-changer, leveraging the power of AI to help us identify and tackle cybersecurity threats. If you have a ChatGPT Plus subscription, you can use this for free today!
Talk to an expert AI and find the cybersecurity threats that our company should be thinking about, and what to do about them.
Try our Custom GPT for yourself.
Industry Expansion
In 2024, Seiso expanded into several new markets that match our growing capabilities to the challenging opportunities in these industries. Whether it’s securing complex AI systems or ensuring the safety of industrial processes, our approach is always authentic, authoritative, and consultative.
We’re proud to have expanded to the following areas:
Automotive SaaS as connected vehicles and software services demand robust cybersecurity. Our solutions ensure your data privacy and system integrity, keeping your innovations secure.
AI SaaS to address the unique challenges you face with AI-driven platforms. We’re here to protect your machine learning models from cyber threats, ensuring your AI innovations are secure and reliable.
In the Energy sector, we’ve tailored our approach to safeguard critical infrastructure to prevent disruptions, acknowledging the high stakes in electricity, oil, gas and alternative energy operations.
For the Chemical industry, we’ve been helping customers mature cybersecurity measures that protect proprietary processes and operational technology.
Another Tech50 Nomination!
Seiso was selected again as a Pittsburgh Technology Council & Fortyx80 2024 Tech 50 Finalist in the Cybersecurity category! We were also selected in 2023. We are so proud to stand among other notable tech innovators, showcasing the vibrant tech scene in Pittsburgh.
This honor not only celebrates our past achievements but also motivates us to continue setting high standards in cybersecurity. Thank you to our team for their dedication and to our partners and clients for their trust and collaboration.
Get the full list of PGH Tech50 finalists
New Team Members and Promotions
In support of our mission to simplify cybersecurity, we’re proud to announce the addition and promotion of several team members in 2024.
Kimberly Moss, GRC Engineer
This year, we welcomed Kimberly Moss as GRC Engineer II. Kimberly brings a wealth of experience, including roles as SOC Analyst, Security Engineer, and in Security Compliance and Privacy Management. Beyond her expertise, she’s a dedicated advocate for women in tech and plays a pivotal role in helping students from her alma mater break into cybersecurity.
Her expertise has been instrumental in expanding our Governance, Risk, and Compliance (GRC) services, further enhancing our ability to meet clients’ needs in this critical area.
We’re thrilled to have Kimberly onboard!
Eric Lansbery Promoted to Chief Operating Officer
April marked a significant leadership development with the promotion of Eric Lansbery to Chief Operating Officer. Eric’s journey to COO reflects his dedication and strategic vision. His new role, coupled with his ownership stake in Seiso and his ability to execute on a technical level, positions us for continued growth and operational excellence.
Learn more about Eric’s promotion.
Keith Holland Promoted to Sr. Security Engineer
Keith Holland has been promoted to Senior Security Engineer at Seiso. He brings over 25 years of diverse IT experience, ranging from hardware and software troubleshooting in the 1990s to advanced cybersecurity roles today. Since 2018, he has focused on offensive, defensive, and compliance aspects of cybersecurity, gaining valuable experience in various disciplines.
As a Cyber Warfare Warrant Officer in the Alabama National Guard, he leads defensive cyber operations, develops training programs, builds on-premise and cloud-based lab environments, recommends security controls for clients, and actively manages an incident response crew. His military experience includes a tour in Afghanistan and ongoing work in conjunction with Army Cyber Command at Ft. Meade, MD.
Keith holds an MS in Information Security and Assurance from Western Governors University, a BS in Computer Science/Religious Studies from Liberty University, and numerous industry certifications, including CISSP, CASP+, Security+, and CCNA. He also holds an active TS/SCI clearance.
Emily Smith Promoted to GRC Engineer III
Emily Smith has been promoted to GRC Engineer III at Seiso. With expertise in Governance, Risk, and Compliance (GRC), she helps clients enhance their security programs to meet their specific needs and regulatory requirements, including ISO 27001, HIPAA, HITRUST, and SOC 2.
Her background includes six years of implementing security and a GRC tool for SAP ERP systems, providing end-to-end project lifecycle support. This involved designing security solutions based on client requirements, building and testing those solutions, and conducting risk workshops to develop tailored risk rulesets for preventing, monitoring, and logging segregation of duties and privileged access issues.
Emily is proficient in creating and tailoring security policies, building risk management programs, providing ongoing GRC support for customer Information Security Management Systems, assisting with both internal and external audits, and developing and delivering content to enhance security awareness training. She holds a BS in Business Administration (Information Systems) from Central Michigan University and is TERP10 certified in SAP ERP Integration of Business Processes.
Heidi Patrick Promoted to Sr. GRC Engineer
With an impressive background, Heidi brings a wealth of expertise to her new role. Previously serving 8 years in the US Navy as a Network Systems Administrator, Information Systems Security Manager, and Cybersecurity Workforce Manager, she also holds a position in the US Navy Reserve. Her civilian career includes roles in IT at UC San Diego and Southern Illinois University School of Medicine, focusing on system administration and HIPAA compliance. Heidi’s expertise spans Information Assurance, governance, risk, and compliance, with a focus on policy development, vulnerability assessments, and network administration. She holds certifications like CMMC-RP, CompTIA Security+, and has extensive experience with ISO 27001 and NIST standards.
Meet Heidi on the Side-Up Podcast
Industry and Community Engagement
In 2024 we continued our tradition of actively engaging with the cybersecurity community through key industry events and local initiatives. Our team has participated in discussions on critical topics like risk management and AI governance, while also organizing and attending a major local security conference. These engagements not only enrich our strategies but also foster a collaborative environment.
Three Rivers Information Security Symposium (TRISS)
Our team actively participated in key industry events, notably the Three Rivers Information Security Symposium (TRISS) in October. Engaging with Pittsburgh’s cybersecurity community, we explored topics such as proactive risk management, AI governance, and the importance of diversity in the field. These discussions have been instrumental in shaping our strategies and services.
BSides Pittsburgh
Several members of the Seiso leadership team are organizers for BSidesPGH, a volunteer-run information security conference held annually in Pittsburgh. BSidesPGH has grown exponentially over the past 11 years.
This year’s event attracted upwards of 800 attendees, including CEOs, CISOs, and technology practitioners of all kinds.
More than just another cybersecurity conference—BSidesPGH is a thriving community and a catalyst for positive change in the industry. This event has become a cornerstone for those who seek not just to learn, but to connect, collaborate, and carve out new paths in cybersecurity.
As part of this year’s BsidesPGH, the Seiso team took a break from simplifying cybersecurity, by stopping by Pittsburgh’s Museum of Illusions, where reality gets flipped on its head. Here, in this maze of optical tricks, we weren’t just colleagues; we became explorers of the absurd, laughing at the laws of physics turned upside down! It was a playful reminder that sometimes, the best way to tackle complex problems is with a fresh, fun perspective.
Join us at the next BSides PGH, July 11th 2025!
KubeCon and DevSecCon
Our Chief Technology Officer and co-founder, Jon Zeolla, has continued to contribute to the cybersecurity discourse. His expertise in cloud-native security and compliance, along with his active participation in conferences like KubeCon and DevSecCon, underscores our commitment to thought leadership and industry advancement.
Learn about Jon Zeolla’s contributions.
New and Expanded Partnerships
In 2024, Seiso took significant strides in enhancing our cybersecurity capabilities and extending our market reach through strategic partnerships with three key organizations: IANS and ATA.
Our collaboration with IANS has been instrumental in tapping into their extensive research and peer insights, allowing us to refine our GRC (Governance, Risk, and Compliance) services with data-driven strategies. This partnership has not only bolstered our advisory services but also enriched our understanding of the latest security trends, ensuring our solutions remain at the forefront of the industry.
Seiso Co-Founder and CEO, Joe Wynn and Seiso Co-founder and CTO, Jon Zeolla serve as IANS Faculty.
Lastly, partnering with ATA (Advanced Technology Associates) has enabled us to leverage their technological innovations, particularly in network security and threat intelligence. This collaboration has expanded our capability to offer state-of-the-art solutions that meet the evolving needs of our clients across various sectors.
New Resources from Seiso Notes
Seiso published several new resources this year including a new podcast, guides, checklist and more.
We Launched a New Podcast!
In 2024, we launched our very first podcast,
In 2024, we launched a new podcast! In the Seiso Side-Up we discuss the most critical topics in cybersecurity, best practices, and the latest industry news to help cybersecurity and business teams navigate the complexities of the cyber threat landscape together.
Side-Up is led and hosted by Lauren Shaffer, Project Manager, Scrum Master, Marathon Runner, and Dog Trainer. This season, we dove into topics ranging from cybersecurity to work-life harmony, to ethics. Stay tuned for new episodes in 2025!
Compliance Checklist and Guide
Written by our team of former CISOs and certified regulated industry compliance experts, our compliance checklist and guide provides a practical approach to simplify and accelerate your compliance journey and avoid the pitfalls along the way.
Get your free compliance guide
Break the Cycle of Complexity
By focusing on reduction, clarity, and tailored solutions, you can get more done with fewer resources. Move your security program from burden into advantage.
Learn how to simplify cybersecurity in your business.
Simplifying GRC to Drive Growth and Build Lasting Security
Managing governance, risk and compliance effectively is essential to your business’s long-term success. But don’t just check compliance boxes—build a GRC program that’s embedded into the DNA of your business.
Start simplifying your GRC program
Working With External Cybersecurity Providers
Companies with small teams find it hard to keep up with all the new risks and regulations. Sound familiar? If so, our guide to working with external cybersecurity providers will help.
Read the Guide: Working with External Cybersecurity Providers
Looking Ahead to 2025
As we prepare for 2025, our focus remains on delivering innovative, client-centered solutions. We are dedicated to enhancing our service offerings, fostering industry partnerships, and upholding the highest standards of cybersecurity excellence.
Thank you for your continued trust and partnership. We look forward to achieving new heights together in the coming year.
