I am Hossein Malekzadeh
I am an independent IT security and cyber security consultant
I keep businesses and people safe from dangerous cyber attacks
Are you aware that 40% of businesses report cyber security breaches yearly? Security breaches are a massive threat to companies of all types and sizes. Yet, many business owners don’t realize their company is at risk of a breach that could result in huge revenue loss and reputation damage. By hiring me as your IT security contractor, you will get a personalized cyber security strategy that will keep your business safe from security risks so you can rest assured your company’s future is safe.
I made a choice 20 years ago: to remain an independent cybersecurity
contractor and never sell a vendor’s solution for commission or other
benefits.
Even when I was working for government agencies, I still helped all
the companies I visited to choose the best solution, not to promote
solutions only for large organizations. Maybe that’s why I went and
opened my own company!
You can always rely on my experience, knowledge and global connections
in cyber security and know that I will always have your best interests
at heart.
Now I am a cyber security specialist helping software development
companies, law firms and banks build sophisticated and effective
information security management programs to combat advanced cyber
threats and act as a virtual CISO (CISO as a Service).
You should be able to detect any unauthorized access anywhere in your network, be it a malicious insider or an outside hacker. I will help you build the necessary security monitoring to achieve that.
I will help your team understand why certain emails and links are dangerous, the concept of operational security and the ways hackers might take advantage of their desire to help. Security Awareness Training is much more than just a series of videos.
I help my customers transform their IT infrastructure security by implementing Server & Network Device Hardening, Desktop Hardening, Network & Web Service security, Data Security, Backups, and more!
How many vulnerable machines/apps can a company have in its network? I help my customers establish and manage a Vulnerability management program, which will gradually reduce the risk of their network vulnerabilities.
Getting access to a corporate account may grant a hacker access to all internal systems. I protect my customers by implementing secure authentication, ensuring the integrity and confidentiality of your communications.
Breach simulation is an integral part of every Information Security Program. My customers can rely on me to support them in the initiation, execution, and conclusion of a Penetration Test.
Policies and Procedures are the governing laws of a company's business. The ones I create are living and breathing documents bringing order and structure to my customers' security practices.
Secure Work From Home is one aspect of remote access, but I also take care of third party partners, and outsourced employees, vendors, and guests. Remote access to data is not limited to VPN.
Antivirus is just one of the 12 controls I implement to defend endpoints from advanced hacking attacks. I prevent the exploitation of these devices via malicious documents, scripts, 0day vulnerabilities, and more.
There are tons of cybersecurity consulting companies out there. But their business model is usually as follows:
Conduct a security assessment or penetration test
Based on the results, they sell as many security products and solutions as they can with a commission
With a few “security solutions” installed, profit quickly and leave your real security situation where it was. These are not cybersecurity consulting firms, but efficient security product vendors who use their penetration testing as a business development tool.
I do things differently.
I also do a security assessment, but a very deep security architecture based on NIST 800-53, ISO 27000
Then I’ll create a comprehensive information security plan for you—a strategic but deeply technical plan to protect 14 (or more) cybersecurity areas, covering 17 types of cybersecurity attacks, and protecting your people, processes, and technology from a single point. Architecture protects. In terms, without buying any product or business solution.
Each of the 14 cyber security areas is usually divided into several small projects. The performance and status of each of these projects is tracked on a dashboard so that you can improve your defenses every day during the implementation of your information security program. It will take longer, but you will be safe in the end.
When you first start working with senior information security consultants, both sides need to clarify their expectations.
Just knowing about your desire to protect client information is not enough. It is best to share details about your business processes, how you work with your clients, and how you collect and store their data.
IT security experts need to know the answers to all these questions before starting to work with you.