“Gary’s ability to take an initiative from inception to impact is second to none. His entrepreneurial skills, thought leadership, attention to detail, and ability to execute produces profound results.” – Director @ a Fortune 500 company
Satisfy legal, regulatory, and contractual security obligations.
Buyers expect security.
Keep your people, intellectual property, money, customer and patient data, and other valuables safe from hackers and insiders.
Gary S. Chan is an independent consultant with a wide partnership network, helping companies protect what is important to them.
How I Do It
You know your business best. I’ll ask questions to understand what you do and where you want to go.
I’ll create a custom proposal to achieve your goals and explain each line item so that you understand what you are getting and the impact it will have on your business.
I will get to work helping you and your business.
“Gary has successfully built, not only an IT Security Framework and a skilled and reliable technical team, he did it while maintaining a clear business compliance vision to reduce overall corporate risk.” — Compliance Manager @ a large-cap company
# projects successfully completed.
# of people using anti-fraud and information security products that I helped design.
# minutes needed to discuss your security needs.
How I Can Help
Security solutions are tailored for each business, so use this table as a guide rather than definitive list. By creating a custom proposal, I can find you the most effective solution at a market-competitive price. If you are looking for commodity products, I can oftentimes pool your purchase with others to obtain volume discounts typically available only to larger companies.
Discovery + Strategic Assessment
Don’t know where to start? We’ll go through a project discovery and gather relevant information regarding your company. I’ll take a look at your company’s security controls, processes, and organizational structure and provide a report with strategic recommendations to improve your company’s risk profile.
Starting at $5k.
Detailed Assessment + Remediation Plan
Let’s review your company’s security controls, processes, and organizational structure at a deep level. Whereas a strategic assessment might only inquire whether you have anti-virus software, a detailed assessment will look at the specific anti-virus software you have, how often the software is updated, and what individuals do when the software picks up a virus. Assessments against specific standards (e.g. NIST 800-171, CIS Top 20, SOC 2) are also available. You’ll receive a report on your company’s risk profile as well as a remediation plan to address the most important security gaps for your business.
Starting at $30k.
Don’t want to handle the daily operations of a security team? Outsource your entire program to Alfizo and its partners. We operate a 24×7 security operations center using the latest technology, including e-mail protection, cloud data loss prevention, firewall, anti-malware, mobile device management, web filtering, domain name system (DNS) protection, security information and event management (SIEM), security awareness training, and more. See saas.alfizo.com for more information.
Starting at $40k for a small business
Want to deploy a new information security solution? Whether it’s a new firewall, anti-virus software, or any other security software or hardware, my partners and I have relationships with most of the major vendors. We can generally negotiate lower than average pricing from vendors and install what you need at scale across the United States.
Custom cash and/or shared ROI pricing. Possible volume discounts on commodity products when combined with purchases through Alfizo’s partnership network.
Third Party Risk Management
Need to assess your vendors to ensure that they are fulfilling their contractual obligations and not exposing your company to additional risk? Pull automated security reports or commission custom security questionnaires with human review.
$300 per automated report. Custom pricing for customized questionnaires with human review based on volume
Need to write company security policies? Obtain a set of templates or get custom ones written for your company based on your needs.
$4500 for a set of policy templates typical for your industry. Custom pricing for custom written policies
Security Awareness Training
Need to bring cybersecurity awareness to your team and report on it? Sign up for a free training platform with fun videos and automated reports to show which employees watched the videos and passed the quizzes.
Free for standard videos and reporting. Paid upgrades for simulated phishing, games, and additional content.
Need an engaging speaker for your event? I keep audiences engaged in a variety of settings from intimate conference rooms to stage theaters with advanced lighting and sound systems. In the past few months, I gave a keynote at the 2019 FBI National Citizens Academy Alumni Association Leadership Conference and a presentation at the 2019 SecureWorld St. Louis Conference. Bring relevant and interesting technology ideas to your audience, e.g. practical cryptocurrency markets, how to build an enterprise security program, the current state of artificial intelligence, technology trends, information security at home, or fascinating stories of digital crime.
Starting at $3500
Do you have security questions that you need answered? Receive strategic and tactical guidance for your specific situation, both at the business level and technical level. Up-front preparation will save you headaches and money later on. Get your first 30 minutes free by scheduling a consultation below.
Hourly rate and/or shared ROI
“Under your leadership and countless hours of behind-the-scenes work, you have raised the organization to a whole new level.” — Public Relations @ a federal agency
Who is Alfizo LLC?
Alfizo LLC is a consulting company owned and operated by Gary S. Chan.
Gary is a Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (ISSMP), and Certified Fraud Examiner (CFE) with a degree in Electrical Engineering & Computer Science from MIT. He is trained in conflict management, negotiation, and mediation as well as interviewing and interrogation. He uses these skills to work collaboratively, defuse conflict, or investigate incidents. He specializes in information security, anti-identity fraud, data analysis, and interviewing.
Gary is a computer nerd who enjoys traveling and magic. Having traveled to over 35 countries and worked on three continents, he regularly expands his repertoire of minutiae and concepts in an attempt to gain a worldlier perspective and understanding. Winner of the 2019 St. Louis Amateur Magic Competition, Gary enjoys performing both close-up and stage magic and mentalism for intimate and large audiences because it gives him the opportunity to apply out-of-the-box thinking to create astonishing and unexpected results. Innovative thinking drawn from different parts of the world enable him to effectively and efficiently solve the complex and large-scale problems that his clients ask him to solve.
His numerous security projects to date include, but are not limited to, the following:
Designing and deploying security solutions to state agencies to reduce identity fraud for citizens.
Building the information security program for a $10B company to keep its assets and people safe.
Leading a 200-person organization to reduce crime, support education, and address opioid addiction in the community.
Mentoring cybersecurity start-up companies.