On a mission to help protect Critical Infrastructure by advising and assisting companies through layers of cybersecurity and compliance, Michael Sanchez and Sid Shaffer compounded decades of their expertise in IT operations, cybersecurity, audit, and compliance to form ITEGRITI. An industry-leading cybersecurity and compliance advisory firm, ITEGRITI offers an integrated suite of cybersecurity, compliance, and managed services offerings to help organizations address the ever-increasing security and compliance challenges.
Drawing on his 30+ years experience and through cyber and physical security knowledge gained during his 12 years as a board member with FBI InfraGard, Sanchez leads his team at ITEGRITI to develop cybersecurity and compliance programs for their clients. His experience as the former head of commercial cybersecurity and compliance for a global management consulting firm has been instrumental in enhancing ITEGRITI’s ability to serve large and complex projects, and to help clients manage risks more effectively through the implementation of audit programs that measure, monitor and report internal control performance. At the core, the company brings in its deep experience, technical knowledge, and a history of delivering tangible results to strengthen cybersecurity and compliance programs.
ITEGRITI’s approach to cybersecurity begins with developing an understanding of the client environment through a risk-based evaluation and review of the existing program, internal controls and performance, and technology investments.
ITEGRITI designed compliance programs embed the compliance tasks within the operational procedures to clarify responsibilities and support organizational adoption. “ITEGRITI’s approach provides our clients with a process to measure, monitor, and report the operational effectiveness of their internal controls,” adds Sanchez.
One of the largest utility companies in the U.S. came to ITEGRITI with a growing list of cybersecurity, compliance, process improvement, training and organizational change management concerns but did not have internal resources available for timely completion of tasks. ITEGRITI reviewed the list, identified dependencies and critical path, anticipated level of effort, and organizational priority. They were then contracted to lead and help complete items on this key task list. Through ITEGRITI’s trusted counsel and close collaboration with the employees, vendors, and other contractors, the client was able to manage their efforts and complete items on their key task list in an agile fashion.
The uniqueness of ITEGRITI’s integrated services stems from its ability to deliver a range of crucial functional support and personalized managed services for companies that lack the resources, time, or expertise to handle them, but have recurrent needs on compliance and cybersecurity streams. The company’s ‘as a service (aaS)’ models—Chief Information Security Officer (CISO) aaS and Compliance aaS—provide critical support for clients and help them choose specific services that meet their budget and needs.
ITEGRITI plans to expand its investment in processes and tools. Their processes follow an approach that mirrors NERC audit and data requests, and they utilize a relational, multi-user database during audit preparation engagements to manage data requests, workflows, reviews, and disposition with reports that dynamically provide Data Request status. The company’s future roadmap also includes geographic expansion to better serve clients by utilizing cost-efficient and local resources.