Entry-Level Services
| Service | What It Does | Best For |
|---|---|---|
| Cybersecurity Snapshot | External view of your business (DNS, email, exposed services) with prioritized risks | Getting a quick, realistic view of exposure |
| Security Foundations Assessment | Structured review + roadmap across identity, data, vendors, and risk | Businesses that want a clear plan |
| Security Hardening Sprint | Focused remediation (email security, MFA, backups, web exposure) | Fixing high-priority risks quickly |
| Firewall Review | Review of firewall configuration | All Businesses |
| Network Architecture Review | Review of Network Setup/Segmentation | All Businesses |
| Wi-Fi Review | Review of Wi-Fi Security | All Businesses |
| Technology Stack Review | Review of overall Tech stack and assess strategy/spend | All Buisnesses |
| Physical Security Review | Review of Physical controls (door access, cameras, lights, etc) | All Businesses |
| Other | Custom Security or Technology focused Review | All Businesses |
Expert IT services
Bring us in for those problems that nobody can seem to solve
MNRisk isn’t in the business of doing MSP type work that you would contract from a company that specializes in the day-to-day IT work, however, we do have extensive knowledge in most aspects of IT from Network Engineering, System Engineering, Cybersecurity Engineering, Website & Email Hosting, wireless design, Datacenters, on-prem virtualization, Cloud, etc.
If your IT vendor or MSP cannot solve a problem, feel free to reach out and we would be happy to take a look. We’re priced accordingly (300/hour), as IT work is not our main focus and we do not want to compete with your existing IT vendor, but we can certainly help in a pinch. Sometimes you just need a fresh pair of eyes. If we can’t solve the problem, you pay nothing.
Think of us as the level 3 support, when your primary IT vendor can’t a specific problem.
Cybersecurity Snapshot
Understand what your business looks like to an attacker
- External exposure review (DNS, email, services)
- Plain-English risk findings
- Clear next steps
Low-friction starting point with no disruption
Security Foundations Assessment
Identify gaps and build a practical path forward
- External + lightweight internal review
- Risk prioritization
- Actionable roadmap
Focus on what actually matters, not everything
Security Hardening Sprint
Reduce risk quickly with focused improvements
- Email security (SPF, DKIM, DMARC)
- MFA rollout guidance
- Backup validation
- Web/application exposure
Structured, short-term risk reduction
vCISO Services
Most small businesses don’t need a full-time CISO—but they do need someone thinking about security at a strategic level.
I work alongside your IT provider to help you:
- Understand risk
- Prioritize what matters
- Build a manageable security program
How This Works
| Step | Description |
|---|---|
| Identify | We identify your biggest risks |
| Prioritize | Focus on what actually matters |
| Build | Create a simple, structured program |
| Improve | Continuously improve over time |
Security Program Options
| Tier | Involvement | Key Capabilities | Best Fit |
|---|---|---|---|
| Advisor (Starter) | Light (≤ 4 hrs/month) | Guidance, questions, vendor input | Small businesses getting started |
| vCISO (Growth) | Moderate (≤ 10 hrs/month) | Risk register, policies, reviews, guidance | Growing orgs with real risk exposure |
| Security Program (Mature) | High (≤ 20 hrs/month) | Full program oversight, compliance, exec guidance | Businesses with compliance or critical risk |
What’s Included by Tier
Advisor (Starter)
- Security questions & advisory support
- High-level risk discussions
- Vendor/tool guidance
- Email / call support
Good fit if:
- You have an MSP
- You want a second opinion
- You’re just getting started
vCISO (Growth)
- Risk register & tracking
- Vulnerability prioritization
- Policy development
- Quarterly reviews
- Incident guidance
Good fit if:
- 10–200 employees
- Sensitive data
- Need ongoing structure
Security Program (Mature)
- Full program oversight
- Risk reporting
- Compliance alignment (NIST, SOC 2)
- Incident planning
- Executive guidance
Good fit if:
- Compliance requirements
- Audit / insurance pressure
- Security is business-critical
What This Is (and Isn’t)
| ✔ What This Is | ✖ What This Isn’t |
|---|---|
| Works alongside your MSP | Not a helpdesk |
| Helps you make better decisions | Not replacing IT |
| Focuses on business risk | Not selling tools |