Information Security is not always black and white

Information security is a constantly evolving challenge. We love helping our customers stay ahead of the curve. From risk assessments, to vulnerability tests, to penetration tests, we can deliver what you need to ensure you are doing your best to keep your data and your customers safe.


Exploited vulnerabilties were compromised more than a year after patches were available


People who opened phishing emails


Malware customized to victim (not detectable by antivirus until after discovery)


Discovered malware over 30 days after infection

New Book Released

Get the new book by Shades of Gray Security’s Founder and Principal Cyber Security Consultant

Chad Olivier discusses cyber security

IT Managers Don’t Know They are Victims of Active Data Breaches

The Facts of Data Breaches Sophos released a rather chilling report this week highlighting several problems in 2019 cybersecurity for businesses. Being breached, it would seem, is no longer the exception, but the rule. They uncovered that 68% of companies were victims...

National Cybersecurity Awareness Month 2018 – Mobile Phone Security

There are many things to consider with mobile phone security. Updates, security fixes, backup, and encryption are all things you need to think about. We’ll discuss a few things to help you decide the best plan, phone, and mobile phone security features to...

National Cybersecurity Awareness Month 2018 – Public Wi-Fi Security

Free public Wi-Fi is a great way to get connected while you are on-the-go and reduce usage of your data plan on your phone. It is also a great way to be a victim of cybercrime. Here are some public Wi-Fi security tips to help keep you safe. Ask the...

National Cybersecurity Awareness Month 2018 – Getting Started with Small Business Cybersecurity

Getting Started with Small Business Cybersecurity Regardless of the size of your business, you need to be thinking about small business cybersecurity. Don’t think you are too small to worry about cybersecurity. Even if you are the only one in your...

National Cybersecurity Awareness Month 2018 – PIN Security

When you are using a PIN for your mobile device security, keep in mind that it should be a unique PIN. Don’t use the same PIN you use for your debit card. Why? Entering a PIN is easy for someone to watch. Too often I see people unlock with their PIN in...

What We Offer

Shades of Gray Security offers our clients world-class managed security solutions with our virtual Chief Information Security Officer (vCISO) service. If you are a business that doesn’t have the resources to hire a full staff of information security professionals, we can help. We offer several plans that come with basic services and we’ll be available 24/7 to help you with any security needs you have. We work with you to find your specific needs and develop a plan that fits your budget and helps keep your data protected.
Our Cyber Security Testing services include all you need to make sure your data is being protected. We can help you meet your compliance obligations and go beyond them. HIPAA, PCI, FFIEC, GLBA, SOX, whatever you need, we have you covered. Don’t have any regulatory requirements? We offer testing services to make sure your data is protected. Due diligence matters. In the event of a data breach, cyber insurance won’t protect you if you haven’t had testing performed. Routine testing helps show a track record of security performance that can mean the difference in a liability suit.
Suspicious activity and malicious attacks can leave you puzzled over what happened, what was affected, and how. Our expert forensics team uses the latest tools and practices to retrace the events that occurred and give you a forensically sound answer to those questions you can use. Our experts image devices and leave the original system untouched during our investigation. As part of an incident response plan, forensics helps you close the gaps and build your case. Our founder has given testimony in cases and can help you with litigation.
No one wants to experience a breach, but it does happen and we can help. Our staff has responded to the biggest data breaches in the world. We deploy all our services to help you find out how you breached, what was stolen, who are the actors involved in the attack, and most importantly how to stop them and secure your network to prevent future attacks. We work closely with you in these stressful times and make sure your bases are covered.

Cyber Security Services

Learn more about our services.

information security

Our Work Flow


Initial Interview

We start all tasks with an interview. In that interview we are going to ask for details about your particular situation and needs.

Task Performance

We work quickly to accomplish the engagement and have as small an impact as possible on your daily operations.



We end all engagements with detailed reports. All identified issues have actionable recommendations you can use immediately.

shades of gray security


Frequently Asked Questions

We get asked a lot of questions. Some are funny like, “can you fix my credit score?” Others are serious, “Why do I need security?” The answer to the first question is “no” obviously. Well we think it should be obvious anyway, yet we get asked all the same. The other question and more will be answered.

What kind of clients do you work with?
We work with all kinds of clients from every different industry and every size. Any business that understands how critical security is to their survival.
Why do I need security?
Aside from being required by a regulator, you may want to secure yourself to protect your investment in your business from a data breach. A data breach can quickly shut a business down, costing you a fortune in legal fees, lost productivity, fines, penalties, and reputation damage.
Do you guarantee I won't be hacked?
While we would love to help you sleep better at night, no security company can make that guarantee. We can however, help you reduce and mitigate risk, make sure you are meeting regulatory requirements, ensure you have performed due diligence, and help protect you from long term losses and litigation. We don’t guarantee you won’t be hacked, but we do offer special packages that will help reduce the time to discover a breach and the cost to clean up afterwards. That is our guarantee.

Chad Olivier worked as the lead consultant and manager for our Identity and Access Management initiative. In that position, he reported to me and managed the critical, early stages of the project. Chad stepped into the our IAM role with dedication and skill, leading us through product evaluation, selection, and executive approval.
Identity and Access Management was a major corporate initiative. Chad’s early project leadership proved pivotal in successfully navigating the vendor landscape and gaining executive approval.

Dave Elfering

Associate Vice President, Information Security, Werner Enterprises

A number of vulnerabilities were identified in Bengal’s system and quickly patched up. Awareness is key to being secure. We know we get probed; every business gets probed every day from places all over the world. For a business that gets hacked, not only do you have all of your company information at risk, you also have the customer data and then bad PR that goes with it. Just being able to verify that it’s protected is well worth the money.

Lee Moreau

IT Director, Bengal Industries

Don't Be Shy

Drop us a line anytime, and one of our customer service reps will respond to you as soon as possible

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and tips on how to be secure in today's digital world.

You have Successfully Subscribed!