Leave a Review For Providers 0 0
  • Post a Project
The Cyber Friend Logo

The Cyber Friend

Not yet reviewed

Contact The Cyber Friend

Get a custom proposal

Affordable Security Consulting for SMBs

The Cyber Friend was founded in 2021 to solve a problem most small businesses know all too well: real cybersecurity expertise has always been priced for enterprise budgets, not SMB ones.

With a full-time CISO out of reach and big MSPs offering packages built for someone else, most growing businesses are left exposed and underserved. The Cyber Friend fills that gap by delivering expert, personalized security leadership at a price that actually makes sense for small businesses. 

  • Min project size
    $1,000+
  • Hourly rate
    $100 - $149 / hr
  • Employees
    Freelancer
  • Year founded
    Founded 2021

Overview by:

Reviewer avatar
Sam Durso
Founder & CEO About the Team

No have been added yet...

    Highly Rated Similar Providers

    Have you worked with The Cyber Friend?

    Share your experience working with The Cyber Friend on a past project by leaving a review for buyers around the world

    Submit a Review

    Our Story

    Hi, I’m Sam Durso. I founded The Cyber Friend in 2021 because I saw too many startups and small businesses getting priced out of real cybersecurity help, or stuck with cookie-cutter solutions that didn’t fit their needs. 

    Today, I serve as a vCISO and CMMC Specialist, guiding clients through NIST 800-171, NIST CSF 2.0, HIPAA, and SOC 2 compliance with customized strategies that enhance security maturity and ensure long-term regulatory alignment. 

    Meet the Team

    Sam Durso

    Sam DursoFounder & CEO

    Sam holds an MA and a BS in Cyber Security, has worked for multiple MSP/MSSPs as a Compliance Specialist, vCSO, Security Consultant, and Security Analyst over the last five (5) years, and holds multiple Security and Compliance-related certifications.

    What Sets Us Apart

    You Work With the Expert, Not a Team of Strangers

    Sam handles every engagement personally. No junior staff handoffs, no rotating consultants who need to re-learn your business. Clients get a CISM-certified, master's-level professional who already knows their systems, goals, and risk profile.

    Built for the Gap Nobody Else Fills

    Too small for a six-figure CISO. Too complex for generic IT support. That is exactly who The Cyber Friend was built for, and every service, price point, and conversation reflects that.

    Certified Depth Across Every Major Framework

    Sam holds active credentials in CMMC (RP & RPA), CISM, and Security+ and works across HIPAA, NIST CSF 2.0, NIST 800-171, SOC 2, ISO 27001, and PCI DSS. That breadth means clients aren't getting a generalist guessing their way through compliance; they're getting a specialist who has done it before.

    Quick Facts

    5 years in business

    Tools and Technology

    Slack
    Microsoft Teams
    Airtable
    OneDrive
    SharePoint
    Splashtop
    Fireflies.ai
    GitHub
    Calendly
    Azure

    Commonly Asked Questions

    Significantly lower, and intentionally so. Across every service we offer, our pricing runs 30-60% below what larger firms and managed security providers charge for the same scope. You get the same certified, expert-level work without the enterprise overhead, junior-staff handoffs, or long-term contracts that were never built for a business your size.

    Absolutely! That is actually the most common starting point. Most clients come in with little to no formal security structure, no written policies, and no clear picture of their risk. That is exactly what The Cyber Friend is built for. We meet you where you are, assess what you have, and build from there at a pace that works for your business.

    It depends on the service. Rapid assessments are completed within a few business days. A HIPAA or CMMC engagement typically runs four to twelve weeks, depending on the scope and the level of remediation support included. Retainers and recurring services are ongoing by design. Every engagement has a defined timeline agreed upon at kickoff, so there are no surprises.

    No. Many clients have no dedicated IT staff at all. Part of what The Cyber Friend provides is security leadership that fills that gap. For engagements that require technical remediation, we will tell you plainly what needs to happen and help you understand your options, whether that means guiding your existing staff, coordinating with an IT vendor, or handling the documentation and strategy ourselves.

    IT companies keep your systems running. Cybersecurity consulting keeps your business protected, compliant, and defensible when something goes wrong. Those are different disciplines. Most IT providers are not certified in compliance frameworks like CMMC or HIPAA, are not personally liable for audit findings, and are not trained to think like an attacker or a regulator. The Cyber Friend brings dedicated security expertise, not IT support with a security checkbox added on.

    Contact The Cyber Friend

    If you’re not seeing exactly what you need here, send this company a custom message. You can talk about your project needs, price, and timeline to get started on your project.

    Get connected to see updates from The Cyber Friend like new case studies, latest reviews, their latest masterpieces in their portfolio, delivered straight to you.