Pricing

Transparent Pricing For Every Engagement

Fractional CISO retainers are scoped to your business and priced based on complexity. Project-based services have fixed pricing below.

Services and Pricing

Fractional CISO retainers and CMMC programs are scoped after an initial conversation. Security reviews have fixed pricing.

primary

Fractional CISO

Ongoing security leadership

$ 4000
starting at / month
  • Named senior security lead — no handoffs
  • Security program built to your risk profile
  • Board and executive communication support
  • Vendor and tool evaluation
  • Incident response readiness
  • Audit and compliance preparation
Talk to a Fractional CISO

CMMC Readiness

DoD contract compliance

$ 1500
assessment starting at
  • Gap analysis against CMMC Level 2
  • SPRS score calculation
  • System Security Plan (SSP) support
  • Prioritized remediation roadmap
  • POA&M documentation
  • Implementation support available
Start Your Assessment

Security Review

One-time assessment

$ 3000
flat fee
  • Technical discovery and stakeholder interview
  • Architecture and control review
  • Written findings report
  • Risk-ranked remediation priorities
  • 1 to 2 week turnaround
Book a Review

How Engagements Work

Every engagement starts with a conversation. You will know exactly what you are getting before you commit to anything.

Start with a call

Free 30-minute conversation. We learn your situation, you learn what is realistic.

Clear scope before you pay

Retainers and CMMC programs are scoped and priced before any work begins.

Senior person throughout

You work with the same senior lead from kickoff to delivery. No handoffs to junior staff.

Common Questions

What does a Fractional CISO retainer actually cost?

Retainers start at $4,000 per month and are scoped based on company size, regulatory requirements, and how much executive involvement you need. Most mid-market engagements run $5,000 to $10,000 per month. We scope it together before you commit to anything.

What is included in the CMMC readiness assessment?

The assessment covers all 110 NIST SP 800-171 controls, produces a SPRS score, documents your gaps, and gives you a prioritized remediation roadmap. Implementation support to close those gaps is available as a separate scoped engagement.

How fast can we get started?

Security reviews typically start within one week of booking. Fractional CISO retainers and CMMC programs begin within two weeks of scoping. We move fast because most clients come to us with a deadline in mind.

Do you work with companies outside of defense contracting?

Yes. Fractional CISO engagements cover any mid-market company dealing with SOC 2, cyber insurance requirements, enterprise customer security questionnaires, or board-level security oversight. CMMC work is specific to DoD contractors.

Not sure which fits your situation?

Start with a conversation. We will tell you what makes sense for what you are dealing with.

Talk to a Fractional CISO
See All Services →