As 2024 draws to a close, we at Seiso are excited to share the milestones and achievements that have defined our year. From strategic expansions to thought leadership in cybersecurity, our commitment to excellence and innovation has only been strengthened.
From the Desk of the COO
It is that time of year- the task is upon us yet again to start thinking about the goals we want to achieve in 2025, and beyond. This is also the time of year when we focus on wrapping up our 2024 goals and look back on how we accomplished said goals. Don’t be too hard on yourself if you did not achieve everything you wanted to or focused on other things that were thrown your way. A main aspect about goal setting that we sometimes forget is that continuous improvement and the pursuit of achievement is an ongoing practice, not an end state.
Looking ahead, it is important to set goals that align with our values, both professionally and personally. In cybersecurity, that means prioritizing actions that not only strengthen defenses but also promote a healthy work-life balance. The ongoing threats we face everyday can be overwhelming. Focusing on what truly matters-protecting our people-can bring purpose and clarity to our efforts. Remember, our work is about more than just keeping systems secure; it’s about creating a safer digital world for everyone.
Here’s to a year of resilience, growth, and making a difference in the world of cybersecurity. See you in the New Year.
Eric Lansbery, COO
Expanded Offerings and Customer Innovations
At Seiso, our team has focused on driving customer initiatives that simplify the often-overcomplicated world of cybersecurity. Protecting what matters most—people—is our core mission. Without effective cybersecurity, the individuals behind every operation, product, and department face increasing risks that threaten not just their work but the stability and success of the entire business.
Seiso Became Trusted Cloud Consultant in Cloud Security Alliance
In 2024, Seiso proudly achieved the Trusted Cloud Consultant (TCC) Trustmark from the Cloud Security Alliance (CSA), a significant milestone that underscores its expertise and leadership in cloud security. This prestigious designation reflects Seiso’s commitment to helping organizations navigate the complexities of cloud security by providing tailored solutions that strengthen their security posture. With the TCC Trustmark, Seiso is recognized as a trusted partner for businesses looking to securely adopt and optimize cloud technologies in today’s dynamic digital landscape.
The partnership also highlights Seiso’s investment in expertise, with its consultants certified in industry-leading credentials such as the Certificate of Cloud Security Knowledge (CCSK) and the Certificate of Cloud Auditing Knowledge (CCAK). Beyond certification, Seiso actively contributes to CSA programs, further solidifying its position as a leader in cloud security and compliance.
This achievement not only reinforces Seiso’s mission to empower organizations with robust, reliable cloud security strategies but also reflects its role in fostering a culture of compliance and shared responsibility between cloud customers and providers.
Cyber Resilience Strategy & Business Continuity
In 2024, we broadened our service offerings by integrating full-service crisis management and communication capabilities. The addition of internationally recognized experts Cynthia Cavendish-Carey and Dianne Chase has enabled us to provide comprehensive support across various risk scenarios, including emergency succession, financial, employee, and legal issues.
Bad actors are launching sophisticated cyberattacks against mid-sized organizations with alarming regularity and these attacks destabilize business operations for days, weeks, or even longer.
Seiso’s Cyber Resilience Strategy & Business Continuity solutions help you minimize interruptions and reduce reputational and financial risks with a tailored approach to preparedness, response, and recovery.
Strengthen your resilience with expert guidance and support
vGRC: A Flexible Approach to Accelerate Compliance for Lean Teams
In 2024, Seiso launched vGRC, a tailored GRC as a service solution to help organizations manage governance, risk, and compliance with lean, efficient teams.
We launched vGRC in response to a common challenge in security management. Without ongoing oversight, even remediated risks can resurface, and security effectiveness can degrade over time.
With Seiso’s vGRC Managed Services, your security program stays effective, audit-ready, and resilient. We deliver continuous governance, risk, and compliance management through strategically selected activities, customized to your organization’s unique needs and operational cadence.
The result? A security program that doesn’t just meet today’s challenges but evolves to meet tomorrow’s, ensuring risks remain under control and your organization is always prepared.
Streamline compliance with tailored vGRC
CyberSecure Strategy Blueprint
The CyberSecure Strategy Blueprint is a tailored solution to help your organization build a robust cybersecurity strategy aligned with the most demanding and unique risk landscapes and regulatory requirements. We deliver a comprehensive, actionable roadmap through a systematic planning methodology to guide your security program from where you are now to where you need to be.
This service is ideal for organizations that are:
- Building a New Security Program: Just getting started with cybersecurity or compliance initiatives.
- Seeking Strategic Direction: Looking for expert guidance to align security efforts with business priorities.
- Facing Complex Compliance Needs: Navigating multiple standards or regulations like ISO 27001, SOC 2, or CMMC.
- Focused on Long-term Maturity: Ready to shift from reactive security to a proactive, strategic approach.
Chart your path to a stronger, more resilient cybersecurity program with Seiso’s CyberSecure Strategy Blueprint.
Snapshot Assessment
Do you need to quickly identify where to start closing gaps? Our free snapshot assessment offers a fast and clear understanding of issues in your security program compared to industry benchmarks and best practices.
Get an actionable report with a risk-based ranking to immediately address critical issues. Align your security objectives and investments with your business strategy and build a more proactive and effective security program.
Request your free snapshot assessment here to take the first step toward stronger security.
New Custom GPT
Seiso’s CTO, Jon Zeolla, has developed an AI-driven threat modeling custom GPT that’s ready to change the way you approach managing risks.
This tool is a game-changer, leveraging the power of AI to help you identify and tackle cybersecurity threats. If you have a ChatGPT Plus subscription, you can use this for free today!
Talk to an expert AI and find the cybersecurity threats your company should be considering and what to do about them.
Try our Custom GPT for yourself.
Industry Expansion
In 2024, Seiso expanded into several new markets that match our growing capabilities to the challenging opportunities in these industries. Whether it’s securing complex AI systems or ensuring the safety of industrial processes, our approach is always authentic, authoritative, and consultative.
We’re proud to have expanded to the following areas:
Automotive SaaS as connected vehicles and software services demand robust cybersecurity. Our solutions ensure your data privacy and system integrity, keeping your innovations secure.
AI SaaS to address the unique challenges you face with AI-driven platforms. We’re here to protect your machine learning models from cyber threats, ensuring your AI innovations are secure and reliable.
In the Energy sector, we’ve tailored our approach to safeguard critical infrastructure to prevent disruptions, acknowledging the high stakes in electricity, oil, gas and alternative energy operations.
For the Chemical industry, we’ve been helping customers mature cybersecurity measures that protect proprietary processes and operational technology.
Seiso Was a Tech50 Finalist!
Seiso was selected again as a Finalist in the Pittsburgh Technology Council & Fortyx80 2024 Tech 50 Cybersecurity category! We were also selected as a Finalist in 2023. We are so proud to stand among other notable tech innovators, showcasing the vibrant tech scene in Pittsburgh.
This honor not only celebrates our past achievements but also motivates us to continue setting high standards in cybersecurity. Thank you to our team for their dedication and to our partners and clients for their trust and collaboration.
Get the full list of PGH Tech50 finalists
New Team Members and Promotions
In support of our mission to simplify cybersecurity, we’re proud to announce the addition and promotion of several team members in 2024.
Kimberly Moss, GRC Engineer
This year, we had the pleasure of welcoming Kimberly Moss as a GRC Engineer II. Kimberly brings extensive experience to Seiso, having served as a SOC Analyst, Security Engineer, and Information Security Manager. In addition to her technical expertise, Kimberly is a passionate advocate for women in tech and is deeply committed to mentoring students from her alma mater as they launch their careers in cybersecurity.
Her expertise has been instrumental in expanding our Governance, Risk, and Compliance (GRC) services, further enhancing our ability to meet clients’ needs in this critical area.
We’re thrilled to have Kimberly onboard!
Eric Lansbery Promoted to Chief Operating Officer
April marked a significant leadership development with the promotion of Eric Lansbery to Chief Operating Officer. Eric’s journey to COO reflects his dedication and strategic vision. His new role, coupled with his ownership stake in Seiso and his ability to execute on a technical level, positions us for continued growth and operational excellence.
Learn more about Eric’s promotion.
Keith Holland Promoted to Sr. Security Engineer
Keith Holland has been promoted to Senior Security Engineer at Seiso. He brings over 25 years of diverse IT experience, ranging from hardware and software troubleshooting in the 1990s to advanced cybersecurity roles today. Since 2018, he has focused on offensive, defensive, and compliance aspects of cybersecurity, gaining valuable experience in various disciplines.
As a Cyber Warfare Warrant Officer in the Alabama National Guard, he leads defensive cyber operations, develops training programs, builds on-premise and cloud-based lab environments, recommends security controls for clients, and actively manages an incident response crew. His military experience includes a tour in Afghanistan and ongoing work in conjunction with Army Cyber Command at Ft. Meade, MD.
Keith holds an MS in Information Security and Assurance from Western Governors University, a BS in Computer Science/Religious Studies from Liberty University, and numerous industry certifications, including CISSP, CASP+, Security+, and CCNA. He also holds an active TS/SCI clearance.
Emily Smith Promoted to GRC Engineer III
Emily Smith has been promoted to GRC Engineer III at Seiso. With expertise in Governance, Risk, and Compliance (GRC), she helps clients enhance their security programs to meet their specific needs and regulatory requirements, including ISO 27001, HIPAA, HITRUST, and SOC 2.
Her background includes six years of implementing security and a GRC tool for SAP ERP systems, providing end-to-end project lifecycle support. This involved designing security solutions based on client requirements, building and testing those solutions, and conducting risk workshops to develop tailored risk rulesets for preventing, monitoring, and logging segregation of duties and privileged access issues.
Emily is proficient in creating and tailoring security policies, building risk management programs, providing ongoing GRC support for customer Information Security Management Systems, assisting with internal and external audits, and developing and delivering content to enhance security awareness training. She holds a BS in Business Administration (Information Systems) from Central Michigan University and is TERP10 certified in SAP ERP Integration of Business Processes.
Heidi Patrick Promoted to Sr. GRC Engineer
With an impressive background, Heidi brings a wealth of expertise to her new role. Previously serving 8 years in the US Navy as a Network Systems Administrator, Information Systems Security Manager, and Cybersecurity Workforce Manager, she also holds a position in the US Navy Reserve. Her civilian career includes roles in IT at UC San Diego and Southern Illinois University School of Medicine, focusing on system administration and HIPAA compliance. Heidi’s expertise spans Information Assurance, governance, risk, and compliance, with a focus on policy development, vulnerability assessments, and network administration. She holds certifications like CMMC-RP, CompTIA Security+, and has extensive experience with ISO 27001 and NIST standards.
Meet Heidi on the Side-Up Podcast
Industry and Community Engagement
In 2024 we continued our tradition of actively engaging with the cybersecurity community through key industry events and local initiatives. Our team has participated in discussions on critical topics like risk management and AI governance, while also organizing and attending a major regional security conference. These engagements not only enrich our strategies but also foster a collaborative environment.
Three Rivers Information Security Symposium (TRISS)
Our team actively participated in key industry events, notably the Three Rivers Information Security Symposium (TRISS) in October. Engaging with Pittsburgh’s cybersecurity community, we explored topics such as proactive risk management, AI governance, and the importance of diversity in the field. These discussions have been instrumental in shaping our strategies and services.
BSides Pittsburgh
Several members of the Seiso leadership team are organizers for BSidesPGH, a volunteer-run information security conference held annually in Pittsburgh. BSidesPGH has grown exponentially over the past 11 years.
This year’s event attracted upwards of 800 attendees, including CEOs, CISOs, and technology practitioners of all kinds.
More than just another cybersecurity conference—BSidesPGH is a thriving community and a catalyst for positive change in the industry. This event has become a cornerstone for those who seek not just to learn, but to connect, collaborate, and carve out new paths in cybersecurity.
As part of this year’s BSidesPGH, the Seiso team took a break from simplifying cybersecurity, by stopping by Pittsburgh’s Museum of Illusions, where reality gets flipped on its head. Here, in this maze of optical tricks, we weren’t just colleagues; we became explorers of the absurd, laughing at the laws of physics turned upside down! It was a playful reminder that sometimes, the best way to tackle complex problems is with a fresh, fun perspective.
Join us at the next BSidesPGH, on July 11, 2025!
KubeCon and DevSecCon
Our Chief Technology Officer and co-founder, Jon Zeolla, has continued to contribute to the cybersecurity discourse. His expertise in cloud-native security and compliance and his active participation in conferences like KubeCon and DevSecCon underscores our commitment to thought leadership and industry advancement.
Learn about Jon Zeolla’s contributions.
New and Expanded Partnerships
In 2024, Seiso took significant strides in enhancing our cybersecurity capabilities and extending our market reach through strategic partnerships with three key organizations: IANS and ATA.
As IANS Faculty, Seiso Co-Founder and CEO Joe Wynn and Co-Founder and CTO Jon Zeolla have the privilege of collaborating with a network of leading industry experts. This engagement provides unique opportunities to exchange ideas and stay attuned to the latest security trends, enabling us to deliver forward-thinking, informed solutions to our clients.
Lastly, partnering with ATA (Advanced Technology Associates) has enabled us to leverage their technological innovations, particularly in network security and threat intelligence. This collaboration has expanded our capability to offer state-of-the-art solutions that meet the evolving needs of our clients across various sectors.
New Resources from Seiso Notes
Seiso published several new resources this year including a new podcast, guides, checklists and more.
We Launched a New Podcast!
In 2024, we launched our very first podcast,
In 2024, we launched a new podcast! In the Seiso Side-Up we discuss the most critical topics in cybersecurity, best practices, and the latest industry news to help cybersecurity and business teams navigate the complexities of the cyber threat landscape together.
Side-Up is led and hosted by Lauren Shaffer, Project Manager, Scrum Master, Marathon Runner, and Dog Trainer. This season, we dove into topics ranging from cybersecurity to work-life harmony, to ethics. Stay tuned for new episodes in 2025!
Compliance Checklist and Guide
Written by our team of former CISOs and certified regulated industry compliance experts, our compliance checklist and guide provide a practical approach to simplify and accelerate your compliance journey and avoid pitfalls along the way.
Get your free compliance guide
Break the Cycle of Complexity
By focusing on reduction, clarity, and tailored solutions, you can get more done with fewer resources. Move your security program from burden to advantage.
Learn how to simplify cybersecurity in your business.
Simplifying GRC to Drive Growth and Build Lasting Security
Managing governance, risk and compliance effectively is essential to your business’s long-term success. But don’t just check compliance boxes—build a GRC program that’s embedded into the DNA of your business.
Start simplifying your GRC program
Working With External Cybersecurity Providers
Companies with small teams struggle to keep up with all the new risks and regulations. Sound familiar? If so, our guide to working with external cybersecurity providers will help.
Read the Guide: Working with External Cybersecurity Providers
Looking Ahead to 2025
As we prepare for 2025, our focus remains on delivering innovative, client-centered solutions. We are dedicated to enhancing our service offerings, fostering industry partnerships, and upholding the highest standards of cybersecurity excellence.
Thank you for your continued trust and partnership. We look forward to achieving new heights together in the coming year.
