Securing high-value Ag-Tech data and proprietary viticulture research. I audit your field connectivity to ensure your competitive advantage is defensible.
Schedule a Risk Sanity CheckCMMC 2.0 certification advisory for Dundee defense contractors. I guide DoD suppliers through gap assessments, CUI scoping, and C3PAO prep — in financial language your CFO can act on.
Protecting proprietary viticulture research, Ag-Tech IP, and competitive winemaking data in the Dundee Hills AVA.
Auditing field connectivity and securing the sensor networks that drive precision agriculture.
Strategic IT for tasting rooms, wine clubs, and the hospitality infrastructure of wine country.
Securing logistics data and the distribution networks moving product from vineyard to market.
Strategic IT oversight for vineyard property transactions and agricultural land development.
Defensible governance for intellectual property protection and regulatory compliance in the wine industry.
Technical oversight for the financial operations and investment management of vineyard estates.
Financial-grade IT for Accounting, Tax, and advisory firms serving the viticulture sector.
Implementing controls to validate crop and cyber insurance coverage and reduce liability exposure.
I sit on your side of the table as a strategic advisor. My process begins with a high-level assessment of your risk exposure and vendor landscape.
Once the strategy is defined, I coordinate delivery of Managed IT, Cybersecurity, and Compliance services through proven enterprise partners.
"The ideal CIO for any organization in search of a transformative leader who strikes the perfect balance between enterprise security and innovation."
Jason Assir
Enterprise Transformation Executive
"He led our IT transformation from an infrastructure back-office to a business-focused, application-oriented group with direct impact on operations and cost structure."
Gustavo Gradvohl
CFO, Natura PCR
"His ability to see the big picture while considering every detail. He bridges the gap between strategy and operations in a way that sets him apart."
Jeffrey Birch
Direct Manager
"A visionary leader with deep care for people and thorough knowledge of network and system administration."
Pershing Lum
Technology Executive
Most internal IT resources are already stretched across competing priorities, whether that is a single person or an entire team. What I bring is a completely different scope: strategic oversight, vendor governance, and the ability to coordinate a full suite of managed IT, cybersecurity, and compliance services through established enterprise partners. I work alongside whatever you already have in place, filling the gaps across high-level risk strategy, 24/7 managed support, and audit-ready compliance. Think of it as adding a CFO to a company that already has an accounting function. Entirely different mandate, no redundancy.
Most mid-market businesses leak between 15 and 20 percent of their IT budget through shadow IT, misaligned vendor SLAs, and auto-renewed contracts that no longer serve them. I conduct a high-level strategic assessment to identify where the biggest risks and inefficiencies are, then coordinate the right specialists to do the deep technical work. My MS in Finance means I frame the findings in terms your CFO and board can act on, shifting IT costs from unpredictable break-fix spikes to flat-rate operational predictability.
I quantify the Cost of Inaction. A single ransomware event costs mid-market firms an average of $1.4M in downtime, remediation, and legal exposure. That number does not include reputational damage or lost contracts. I present your board with a clear financial model showing reduced cyber liability, recovered budget from vendor waste, and the value of audit-ready compliance. The conversation shifts from what does this cost to what financial exposure are we eliminating.
If your company holds or is pursuing a Department of Defense contract — or if you are a sub-contractor to a prime that does — CMMC 2.0 certification is a contractual requirement. This applies to any business handling Federal Contract Information (FCI) or Controlled Unclassified Information (CUI), regardless of size. The DoD has begun enforcing CMMC requirements in active solicitations, meaning non-compliant businesses are being excluded from awards. I help Dundee businesses determine exactly which level applies, scope their environment correctly, and build a compliant posture well before their contract deadline.
For businesses starting from a low baseline, CMMC Level 2 remediation typically takes 9 to 18 months from initial gap assessment to a clean third-party assessment. The cost depends heavily on how many of the 110 NIST SP 800-171 practices are already in place and the complexity of your environment. What most businesses underestimate is the cost of starting late — rushed remediation, missed contract opportunities, and emergency vendor engagements are far more expensive than a planned compliance roadmap. My MS in Finance means I give you a financially grounded timeline and budget your CFO can commit to, not just a technical checklist.
My role in an active incident is remote executive translation and strategic guidance. Not technical firefighting. A 24/7 enterprise Security Operations Center handles the rapid technical containment while I work directly with your leadership team remotely, translating the threat in financial and legal terms, coordinating your cyber insurer, and ensuring your communication to regulators and stakeholders is defensible. Either way, you get a calm, experienced strategist guiding your leadership while the engineers neutralize the threat in the background.
An executive's guide to tech spend. Every week I translate cybersecurity and IT cost decisions into plain financial language your CFO can act on.
452 subscribers and growing.
Subscribe on LinkedIn