Felaris Global

CYBERSECURITY AND vCISO SERVICES

Most mid-market organizations operate without a dedicated security executive. The risk is real, the regulatory pressure is increasing, and a full-time CISO is not a justifiable hire at every revenue level. Felaris provides fractional cybersecurity leadership (embedded, operational, accountable) for organizations that need senior security direction at a fraction of the cost.

Our client base spans all industries. We bring additional depth to regulated environments where medical device, pharmaceutical, and manufacturing organizations face cybersecurity obligations under FDA, EU MDR, and ISO 27001 certification, but vCISO and cybersecurity program services are available to any mid-market organization.

vCISO - Virtual Chief Information Security Officer


Strategic security leadership without a full-time hire. The engagement covers security strategy and roadmap development, governance framework, security metrics and board reporting, vendor and tool evaluation, budget planning, regulatory compliance governance, and incident response oversight.

Cybersecurity Program and Maturity Assessment


To improve security, you first need an honest assessment of current state. Felaris evaluates security posture across people, process, and technology: cybersecurity maturity assessment, security control evaluation (NIST, CIS Controls), incident response capability, third-party risk assessment, and improvement roadmap with priorities and budget requirements.

Incident Response and SOC Development


Felaris develops incident response plans, conducts tabletop exercises, and helps organizations establish or improve Security Operations Center capabilities. Services include SOC strategy and staffing, MSSP evaluation, incident response playbooks, security monitoring and alerting, forensics and root cause analysis, and board-level incident communication.

Third-Party Risk and Vendor Security Management


Vendors and third-party providers create security risk that requires active governance. Felaris establishes vendor risk assessment frameworks, security evaluation questionnaires, risk scoring, ongoing monitoring, incident notification protocols, and contract security requirements.

Compliance, Cloud Security, and Data Protection


Cybersecurity regulations evolve continuously. Felaris maintains alignment with HIPAA, GDPR, SOX, PCI DSS, NIST, and industry-specific standards. Cloud security covers architecture, access control, data protection, encryption, posture management, and monitoring across AWS, Azure, and GCP. Data protection covers classification, encryption, access control, breach response, retention policies, and privacy alignment.

Network Security, Application Security, and Penetration Testing


Network security covers infrastructure hardening, segmentation, intrusion detection, and monitoring. Application security covers assessment, secure development practices, code review, and penetration testing. Testing services include vulnerability assessment and scanning (external, internal, targeted), social engineering testing, wireless security, remediation guidance, and re-testing validation.

When Organizations Engage Us

  • Preparing for an FDA inspection, EU MDR audit, or ISO 27001 certification requiring security controls
  • No formal cybersecurity program in place and need for a vCISO or security leadership function
  • Ransomware, data breach, or security incident requiring immediate response and recovery leadership
  • Acquiring or integrating a company with unknown or inadequate cybersecurity posture
  • Regulatory findings or pen test results requiring remediation planning and control implementation
  • Building or maturing a cybersecurity program aligned to NIST, ISO 27001, or FDA cybersecurity guidance

WHO WE SERVE

Mid-market organizations with revenue between $50M and $500M across the United States, the Caribbean, and Europe that need fractional CISO leadership or structured cybersecurity program development. Medical device, pharmaceutical, life sciences, and regulated manufacturing organizations where cybersecurity obligations intersect with FDA, EU MDR, GDPR, NIS2, and ISO 27001 compliance. Organizations preparing for M&A, IPO, PE investment, or external audit where security posture will be evaluated.

STANDARDS AND FRAMEWORKS

  • Industry Standards: NIST Cybersecurity Framework (CSF), CIS Controls, ISO 27001 (Information Security Management), ISO 27701 (Privacy Information Management)
  • FDA Requirements: FDA Cybersecurity Guidance for Medical Devices (2023), 21 CFR Part 11, Quality System Regulation
  • EU Regulations: EU MDR 2017/745 (cybersecurity for connected devices), GDPR, NIS2 Directive
  • Additional Frameworks: HITRUST, SOC 2, ITIL Security Management, COBIT


Cybersecurity risk in a regulated environment is a compliance issue as much as a technology issue. If you are preparing for an FDA inspection, EU MDR audit, or a major system implementation, get the security assessment done before the auditors do.

Ready to talk about your security program?

Whether you need a vCISO to run the function, a risk assessment to understand your exposure, or a structured program to address what an audit or incident revealed, the starting point is a direct conversation about where you are and what needs to change.


Felaris Global LLC

US: One Innovation Way, Woodstock, GA 30188 | Europe: The Circle 6, 8058 Zürich, Switzerland | Caribbean: Invaders Bay Tower, Port-of-Spain, Trinidad & Tobago

+1 (678) 383-1100 | +1 (868) 217-6100 (Trinidad)

Copyright © 2026 Felaris Global LLC. - All Rights Reserved.
