Cybersecurity · IT Infrastructure · Incident Response

Strengthening Your Defenses
Before They're Tested

We assess your security posture, harden your infrastructure, and respond when incidents occur. Backed by 12 years of systems administration and 5 years of incident response — cybersecurity is the primary focus, and a well-built IT environment is where it starts.

Free download: Basic Incident Response Checklist (PDF)

Scroll
Cybersecurity Assessments
Incident Response
IT Infrastructure & Hardening
5+ Years IR Experience
Sioux City, IA — Serving Siouxland & Beyond
By the numbers
The cost of waiting is higher than the cost of a review

These aren't worst-case scenarios. They're industry averages — and they apply to small businesses just as much as large ones.

60%
of small businesses close within 6 months of a cyberattack
National Cybersecurity Alliance
$4.9M
average total cost of a data breach in 2024
IBM Cost of a Data Breach Report 2024
194days
average time to identify and contain a breach — over 6 months of silent damage
IBM Cost of a Data Breach Report 2024
22days
average downtime after a ransomware attack — 3+ weeks of lost productivity
Coveware Ransomware Report 2024
$1.5M
average ransomware recovery cost for small businesses, including downtime and remediation
Sophos State of Ransomware 2024
82%
of breaches involve a human element — phishing, stolen credentials, or insider error
Verizon DBIR 2024
What cyber insurance actually covers

Most small business cyber policies pay between $250K–$1M per incident — but only if you can demonstrate reasonable security controls were in place. Businesses that cannot show documented security practices often face claim denials or significant coverage gaps. An assessment creates the documentation insurers look for.

Small businesses are the primary target

Over 43% of cyberattacks target small businesses specifically — because attackers know they are less likely to have dedicated IT security staff. Professional firms handling sensitive client data (legal, financial, medical) are consistently among the most targeted sectors due to the value of the data they hold.

The cost of a review vs. the cost of an incident

A Starter Assessment costs $2,500. The average cost of a single business email compromise incident for a small firm — including wire fraud, legal fees, and recovery — is $137,000. Prevention is not just cheaper. For many small businesses, it is the difference between staying open and closing.

Live Ransomware Activity LIVE
Global ransomware tracking data — updates automatically
Groups
Overall Victims
Victims This Year
Victims This Month
Recent Disclosed Victims
Most Recent Attacks
  • Loading live data…
What We Do
Security-first. Infrastructure-aware.
Cybersecurity is the primary focus of every engagement. Our IT infrastructure work exists to support that — because a poorly built environment cannot be made secure with a checklist alone. Every service we offer ties back to reducing your risk.
Primary Focus
Cybersecurity Assessments

We assess your entire security posture — identity, endpoints, network, email, backups, and access controls — and deliver a plain-language report that tells you exactly what to fix and in what order. Built on the CIS Controls framework. Designed for businesses with 1–250 employees.

Security Posture Assessment

Gap analysis across all critical controls — findings ranked by business impact, not technical severity.

Risk Identification

External exposure, credential leaks, misconfigured controls, and access gaps — found before attackers do.

Remediation Roadmap

A prioritized action plan — 30-day quick wins and a longer-term roadmap written for business owners, not just IT.

Supporting Services
IR Staff Augmentation

Experienced hands when your team is understaffed during an incident — containment, evidence collection, restoration, and hardening. Remote and onsite. No forensics or data mining — staff augmentation only.

Learn more →
IT Infrastructure & Hardening

Windows deployment, Active Directory configuration, network design, M365 hardening, and data permissions — built securely from the start so your assessment results reflect real posture, not just configuration debt.

Learn more →
Assessment Tiers
Clear visibility. Real improvements.
Two tiers — built for small professional firms and growing mid-size organizations. Each engagement delivers a plain-language report and a prioritized action plan, not a stack of technical jargon.
Built for small professional firms. You don't need a massive IT department to have a serious security problem. Our Tier 1 assessments are designed for law firms, dental practices, financial advisors, and similar businesses — giving you a clear, honest picture of where you stand and exactly what to fix first.
Starter Assessment
Foundational Review
1–2 day engagement  ·  remote or on-site
  • Could someone access your systems if an employee's password was stolen?
  • What does your business look like to someone scanning the internet for targets?
  • Are your staff emails protected against impersonation and spoofing?
  • Are the devices in your office actually protected — or just assumed to be?
  • If ransomware hit tomorrow, could you recover your data?
  • Is your office network set up in a way that limits damage if something goes wrong?
  • Would your team know what to do — and who to call — if something happened?
  • A plain-language findings report — written for owners, not just IT people
  • A ranked list of what to fix first, with guidance on how to do it
  • A one-page executive summary you can share with your leadership team
Request a quote
Monthly Retainer
Ongoing Partnership
Continuous engagement
  • Security doesn't stay fixed after a one-time review — things change. People leave. New tools get added. This keeps you current.
  • That no former employees still have access to your systems
  • That your email protections haven't drifted or been misconfigured
  • That your devices and software are staying up to date
  • That your backups ran successfully and your data is recoverable
  • That nothing suspicious has gone unreviewed in your alerts
  • That newly disclosed vulnerabilities aren't affecting your business
  • A monthly written summary of your security posture
  • A quarterly trend report showing improvement over time
  • Direct access to your consultant for questions throughout the month
Request a quote
What you get clarity onFoundationalAdvancedRetainer
Can someone break in if a password is stolen?✓ monthly
What does your business look like to attackers?✓ monthly
Are your emails protected against impersonation?✓ monthly
How far could an attacker get inside your network?quarterly
Have any credentials already been leaked online?✓ monthly
Could ransomware destroy your backups too?basic✓ deep✓ monthly
Are former employees locked out of everything?✓ monthly
Written report with clear next steps✓ detailed✓ monthly
A note on scope: Our assessments are designed for businesses with 1–50 employees. We review, document, and advise — we don't break things, and we don't make changes to your systems without a separate agreement. Everything we do is defined in writing before we start.
Built for growing organizations. As your business grows, so does the complexity of keeping it secure. Our Tier 2 assessments are built for organizations with 50–250 employees — where a surface-level review isn't enough and every department, every location, and every person with access needs to be accounted for.
Tier 2 Starter
Foundational Review
3 day engagement  ·  on-site or hybrid
  • Does every person in your organization only have access to what their job requires?
  • Are all of your locations — not just the main office — protected equally?
  • Are the right people in your business getting extra protection — finance, HR, leadership?
  • If a vendor or IT contractor was compromised, how much of your business could they reach?
  • Are your backups covering everything — including cloud tools your teams use daily?
  • Would you know within hours if something was wrong, or would it take days?
  • Are the policies your business relies on actually being followed — or just written down?
  • A findings report organized by business impact and urgency
  • An executive summary written for leadership — no technical background required
  • A prioritized action plan with clear ownership guidance
Request a quote
Tier 2 Retainer
Ongoing Partnership
Continuous engagement
  • At your size, things change constantly — people join and leave, vendors get added, systems get updated. This keeps your security posture from quietly falling behind.
  • That access across all departments reflects who actually works there today
  • That no former employees, contractors, or vendors still have a way in
  • That your highest-risk staff — finance, leadership, HR — still have the protections they need
  • That nothing has silently changed in a way that opens a new risk
  • That your backups are healthy across every system your business depends on
  • That newly publicized threats aren't relevant to your specific environment
  • Whether your team's security awareness is keeping pace with new threats
  • Whether vendor and contractor access is still appropriate and current
  • A posture trend report delivered to your leadership team
Request a quote
What you get clarity onFoundationalComprehensiveRetainer
Every location covered, not just the main office✓ monthly
Every person with access accounted for✓ all✓ all✓ monthly
Finance, HR, and leadership get extra scrutiny✓ monthly
Step-by-step attacker path through your org
Security policies enforced, not just writtenbasic✓ deepquarterly
Vendor and contractor access reviewed✓ monthly
Board or insurer-ready documentation
Written report with clear next steps✓ detailed✓ monthly
A note on scope: Tier 2 engagements are built for organizations with 50–250 employees. We recommend a short discovery call before booking to make sure the engagement is scoped correctly for your number of locations and staff. We review, document, and advise — we don't make changes to your systems without a separate written agreement.
Who We Serve
Built for small and medium businesses with real compliance stakes

If your clients trust you with sensitive data — financial records, health information, legal documents — your security posture is not optional. We work with any SMB that handles sensitive data and needs a trusted security partner.

Law Firms

Client privilege and bar compliance require stringent data protection. We find the gaps before opposing counsel or a regulator does.

Dental Practices

HIPAA mandates technical safeguards. We give dental offices a clear assessment of where patient data is at risk.

Financial Services

Advisors, RIAs, and lenders operate under FTC Safeguards Rule obligations. We map your controls against current requirements.

CPA Firms

Tax data and financial records are prime ransomware targets. We assess your exposure and help you build a defensible posture.

Retail & E-Commerce

Payment card data and customer PII create significant exposure. We assess POS systems, network segmentation, and access controls.

Healthcare & Clinics

Beyond HIPAA — we assess the full technical environment including EHR access, network security, and medical device exposure.

Professional Services

Consultants, agencies, and service firms handling client data need solid fundamentals. We deliver practical, right-sized security.

Any SMB

If you have employees, data, and systems — you have risk. We work with any small or medium business ready to take security seriously.

IT Services
Infrastructure built right
from the start
Good security starts with a well-built environment. Twelve years of managing Windows, macOS, Linux, networking, storage, backup systems, and cloud infrastructure means we have seen firsthand what poor configuration looks like — and what it costs when something goes wrong. These services are offered as project-based engagements, with limited ongoing support available depending on scope and scheduling.
Security is built into everything we deploy

Every deployment, configuration, and design engagement includes security hardening as a baseline — not an add-on. A properly hardened environment is our primary focus. IT infrastructure work without security is just half the job.

View Assessments
Endpoint
Windows Deployment & Hardening

Custom Windows builds designed for your environment — standardized, hardened, and documented. Consistent deployments mean fewer gaps and faster troubleshooting.

  • Custom Windows endpoint builds (SOE)
  • CIS benchmark hardening applied at deployment
  • Imaging and deployment process documentation
  • BitLocker encryption configuration
  • Local administrator account controls
Identity
Active Directory Configuration & Hardening

A clean, well-structured AD environment is the foundation of access control. Whether you are starting fresh or cleaning up years of drift, we design and harden your directory from the ground up.

  • OU structure design and implementation
  • Group Policy design and hardening
  • Privileged account structure and tiering
  • Legacy protocol and attack surface reduction
  • AD cleanup — stale accounts, excessive permissions, misconfigurations
Network
Network Design & Configuration

A segmented, documented network is both easier to manage and significantly harder to attack. We design networks for SMBs that are right-sized, secure, and built to scale.

  • Network architecture design for SMB environments
  • VLAN segmentation — separating staff, guest, IoT, and servers
  • Firewall configuration and rule review
  • DNS and DHCP configuration
  • Network documentation and diagrams
Data
Data Structure & Permissions Design

Uncontrolled file shares and inherited permissions are one of the most common causes of data exposure. We structure your data environment so people only have access to what they need.

  • File share structure design and reorganization
  • NTFS and share permissions cleanup and redesign
  • Role-based access control (RBAC) design
  • Data classification guidance
  • Shared drive migration and restructuring
Cloud
Microsoft 365 & Entra ID Configuration

Most small businesses are running M365 out of the box — with default settings that leave significant security gaps. We configure your tenant the right way from the start, or clean up what has accumulated over time.

  • Entra ID (Azure AD) configuration and hardening
  • Conditional access policy design
  • MFA enforcement and authentication method hardening
  • Exchange Online and email security configuration
  • Microsoft 365 security baseline implementation
Consulting
IT Consulting & Documentation

Sometimes you need an experienced outside perspective — on a technology decision, a vendor proposal, or simply to get your environment documented before something goes wrong. We provide practical, vendor-neutral guidance.

  • Technology roadmap and planning
  • Vendor and product evaluation guidance
  • Network diagrams and asset documentation
  • IT runbooks and standard operating procedures
  • Pre-purchase technology consultation
Project-based engagements: IT services are offered as scoped project engagements — not ongoing monthly managed services at this time. Limited ongoing support may be available depending on scope and scheduling. Each engagement is scoped and priced based on your environment size and complexity. Contact us to discuss your project.
IR Staff Augmentation
Extra hands when your team
needs experienced support.
Ethos does not provide digital forensics, data mining, or forensic investigation services — that requires specialized forensic firms. What we provide is staff augmentation: experienced hands for containment, evidence collection, restoration, and hardening. Five years of hands-on incident response means this is work done in live breach environments, not theory.
Remote Staff Augmentation
Available Immediately

Remote staff augmentation for teams that need experienced additional hands during an incident but travel is not yet required. Triage, containment, evidence collection, and restoration guidance — coordinated remotely with your internal IT team. No forensics or investigative analysis — hands-on operational support only.

  • Initial triage and scope determination
  • Remote containment guidance and isolation steps
  • Evidence collection and preservation
  • Coordinate with your internal IT team to support containment
  • Written technical summary delivered to the engaging organization or lead firm
Remote
How a response engagement works
01
Initial Contact

You call or email. We talk through what is happening, what systems are affected, and whether remote or onsite response is the right move. This conversation is free.

02
Triage & Scoping

We determine the scope of the incident — what was accessed, what is still active, and what needs to happen in the next hour, next 24 hours, and next week. Containment starts here.

03
Containment & Evidence Collection

We stop the bleeding — isolate affected systems, collect and preserve evidence, and work with your internal IT team to stabilize the environment. Remote or onsite depending on your situation.

04
Restoration & Hardening

Systems are restored to a known good state, credentials are reset, and the entry point is closed and hardened. You receive a written summary of what was done and what needs to happen next.

Understaffed during an incident? We can help.

When an incident hits and your internal team is stretched thin, having an experienced contractor ready to step in for containment and restoration makes a real difference. This is staff augmentation — not forensics, not investigation.

Contact Us Now
Scope note: Ethos provides IR staff augmentation only — not full-service incident response. Engagements cover containment, evidence collection, restoration, and hardening, executed alongside your internal team. Ethos does not provide digital forensics, data mining, forensic investigation, threat actor attribution, legal or regulatory communication, or data breach notification services — those require specialized forensic firms and legal counsel. All engagements are scoped and authorized in writing before work begins under a signed Authorization to Proceed and Rules of Engagement. Pricing is based on scope, hours, and whether travel is required. Contact us to discuss your situation.
About
Built from real incident response experience

Ethos Technology & Cybersecurity was founded on a simple premise: most small businesses don't need enterprise security software — they need a knowledgeable practitioner to walk through their environment, find the real risks, and tell them what to fix first. Cybersecurity is the primary focus. IT infrastructure work — Active Directory, network design, Windows hardening, M365 configuration — exists to support it.

We focus on clarity, structure, and practical improvement — not tools, hype, or overpromising. Twelve years of systems administration across Windows, macOS, and Linux — combined with five years of hands-on incident response traveling onsite to remediate breached environments — means every assessment and every deployment is shaped by real operational and security experience, not theory.

We serve businesses in Sioux City, Iowa and the surrounding region, with remote and travel engagements available nationally.

  • 12+ years systems administration — Windows, macOS & Linux
  • 5+ years incident response & onsite remediation
  • Networking — design, segmentation, firewall configuration
  • Storage, backup systems & disaster recovery architecture
  • Cloud infrastructure — Microsoft 365, Entra ID & Azure
  • Cybersecurity assessments — CIS Controls framework
  • Active Directory design, GPO hardening & cleanup
  • HIPAA, FTC Safeguards & professional services experience
Every business I've helped recover from a breach had the same realization too late: the problems we found after the incident were detectable before it. That's why I do this work.
— Ethos Technology & Cybersecurity
01
Discover
Free 30-min call to understand your environment and scope the right engagement.
02
Assess
Structured on-site inspection — every check documented, no corners cut.
03
Prioritize
Plain-language findings with a prioritized roadmap — nothing buried in jargon.
04
Improve
Monthly retainer available if you want a partner to help execute the roadmap.
Contact
Let's talk

Strengthen your environment before it becomes a problem. Start with a free 30-minute discovery call — no pressure, no sales pitch.

Ethos Technology & Cybersecurity
Ethos Technology & Cybersecurity
Email
info@etc-advisors.com
Typically responds within one business day
Phone
(712) 499-8769
Location
Sioux City, Iowa
Serving Siouxland region & the US
Protected by reCAPTCHA — Privacy & Terms