FOUNDER
Co-Founder & CEO, Fortress Cyber
27+
Years in Cybersecurity
CISO
Former Enterprise CISO
Exit
QMasters MSSP
F500
Clients Advised
I'm a serial entrepreneur with 28+ years of experience in cybersecurity and IT. As a former CISO, I've had the privilege of advising governments, banks, and Fortune 500 companies on their security strategies.
I co-founded QMasters, a successful MSSP that we built from the ground up and eventually exited. That experience taught me everything about what works—and what doesn't—when building a security services business.
Along the way, I pioneered the "Integrative Cyber Defense" (ICD) approach—a methodology that unifies best-of-breed security tools into a cohesive, manageable platform rather than a chaotic collection of point solutions.
At Fortress, I'm building what I wish existed when I was running QMasters: a Channel Enablement OS that transforms how MSPs deliver and monetize cybersecurity. My mission is to make enterprise-grade security accessible and profitable for every MSP.
Fortress Cyber • Current
Building the Channel Enablement OS that transforms how MSPs deliver and monetize cybersecurity services.
QMasters (MSSP) • Exited
Built and scaled a successful managed security services provider from startup to exit.
Enterprise CISO
Led enterprise security strategy, risk management, and security operations for major organizations.
Governments, Banks, Fortune 500
Advised leading organizations worldwide on cybersecurity strategy, compliance, and risk management.
"Every MSP should be able to deliver enterprise-grade security to their clients, profitably and sustainably."
The technology exists. The market demand exists. What's been missing is a platform purpose-built to enable the channel. That's what we're building at Fortress—and that's the Channel Enablement OS.
After 28 years in cybersecurity and a career running an MSSP, here is the honest answer to whether small businesses need cyber security — and what it actually costs to ignore it.
June 15, 2026
SOC 2, HIPAA, PCI, GDPR, Tikun 13 — which frameworks actually apply to your small business? A plain-English guide to figuring out your real obligations and how to meet them without a full-time team.
June 12, 2026
The honest answer is yes, and it stopped being optional years ago. Here is why hackers target small businesses, the 80/20 of protection that stops most attacks, and what it should cost.
June 12, 2026
A vCISO is the security leadership function of a CISO delivered as a service — without the $300K salary. Here is what a vCISO actually does, who needs one, and what it costs in 2026.
June 11, 2026
תיקון 13 דורש בקרות לפי רמת הסיכון של המאגר — אבל לא אומר אילו טכנולוגיות להטמיע. המדריך התפעולי לסיווג, מיפוי בקרות ובחירת השירותים המתאימים לארגון שלך.
May 26, 2026
Tikun 13 requires controls calibrated to each database's risk tier — but doesn't tell you which technologies to deploy. The operational guide to classification, control mapping, and choosing the right services for your organisation.
May 26, 2026
Three paths to cybersecurity leadership — and they're not interchangeable. A 28-year cybersecurity veteran breaks down the real cost, capability, and fit of each model for SMBs and mid-market businesses in 2026.
May 11, 2026
Most MSPs price vCISO services wrong — either undercharging or scaring clients with enterprise rates. Here's the framework-based pricing model that works in 2026, and how one consultant can profitably manage 30 clients.
May 11, 2026
Most MSPs hit a wall at 5-8 vCISO clients because they're delivering it the wrong way. Here's the operational model that lets one consultant manage 30 clients profitably — and how to scale to 50+ from there.
May 11, 2026
88% of small business breaches involve ransomware — and it almost always starts with one phishing email. Here's how attacks actually unfold, what they cost, and how to stop them.
May 10, 2026
Most MSPs price cybersecurity wrong from day one — too high to win deals or too low to make margin. Here's the pricing framework that actually works in 2026.
May 10, 2026
Cybersecurity should be your most profitable service line. For most MSPs, it's their biggest margin killer. Here's why — and the operational fix.
May 10, 2026
The biggest barrier to MSP growth isn't demand — it's headcount. Here's how to scale your MRR and ARR 3-5x using the team you already have.
May 10, 2026
Most IT providers aren't cybersecurity experts — they're generalists. Here are the four questions every small business owner should ask, plus how to verify the answers are true.
May 10, 2026
The MSSP market is exploding, but most MSPs don't know where to start. This comprehensive guide covers everything from service design to pricing to operations.
January 25, 2026
Virtual CISO services are the highest-margin offering MSPs can provide. Here's exactly how to build and sell vCISO services to your existing clients.
January 22, 2026
The alphabet soup of security services confuses everyone. Here's a clear breakdown of MDR, SOC, SIEM, XDR, and which ones actually matter for your MSP.
January 19, 2026
Supply chain attacks are everywhere. Your clients need help managing vendor risk, and TPRM services are a natural fit for MSPs. Here's how to capitalize.
January 15, 2026
Compliance is a goldmine for MSPs—if you automate it right. Learn how to deliver SOC 2, HIPAA, and PCI compliance at scale without drowning in manual work.
January 12, 2026
Vendor sprawl is silently killing MSP profitability. Here's the math on what those "affordable" point solutions are really costing you.
January 8, 2026
Pioneer of Integrative Cyber Defense (ICD)
Channel Enablement OS concept creator
MSP profitability framework developer
Speaker on MSSP growth & security strategy
