Hi, I’m Sam Durso
I founded The Cyber Friend in 2021 because I saw too many startups and small businesses getting priced out of real cybersecurity help — or stuck with cookie-cutter solutions that didn’t fit their needs.
Today, I serve as a vCISO and CMMC Specialist, guiding clients through NIST 800-171, NIST CSF 2.0, HIPAA, and SOC 2 compliance with customized strategies that enhance security maturity and ensure long-term regulatory alignment.
My background spans risk assessments, incident response, vulnerability management, policy development, and security awareness training. I’ve conducted full-scope audits, built SSPs and POA&Ms from scratch, led tabletop exercises, and helped organizations achieve certifications like ISO 27001. I work after hours because I know you’re busy running your business during the day — and I speak plain English, not vendor jargon.
Core Competencies
Credentials
Education
Master’s in Cybersecurity & Information Assurance
B.S. in Cyber-Defense & Information Assurance
Key Certifications
CISM (ISACA)
CMMC RP & RPA (Cyber AB)
CompTIA Security+
Also holding Certificates of Learning in: AZ-900, CompTIA ITF+, Cisco Networking Essentials, Linux Essentials, SOC 2 Compliance, ISO 27001, PCI DSS 4.0