About the Author


About the Author

Marlon Bermudez is an Information Security Manager (ISM), who is passionate about Cybersecurity and helping businesses improve their security posture. He owned a Small Business IT Company for 8 years. Then he started working for a Managed Service Provider (MSP) in Stamford, CT where he has been working for the past 7 years.  In his 15 years of experience in the Information Technology field, it has become clear that there is a lack of Cybersecurity resources to help Small Businesses learn how to identify and address their Cybersecurity needs and requirements.  Marlon felt compelled to write this book to help promote Cybersecurity awareness and provide guidance on possible solutions and approaches Small Businesses could use as a baseline to address their Cybersecurity needs and requirements.

Professional Background 

  • Master of Science in Cybersecurity from Sacred Heart University
  • ISC2 Systems Security Certified Professional (SSCP)
  • EC-Council Certified Ethical Hacker (CEH)
  • Access Data Certified Examiner (ACE)
  • Microsoft Certified Solutions Expert (MCSE)
  • CompTIA A+, Linux+, Security+


  • Develop, maintain, manage, implement and monitor Cybersecurity policies
  •  Perform network security audits, recommend, and implement security controls that follow compliance requirements such as HIPAA, SOX, GLBA, PCI, etc.
  •  Risk management & risk assessments, threat & vulnerability assessments
  •  HIPAA Security Officer: help ensure compliance with Security rule
  •   SIEM management, performs forensic analysis of user artifacts
  • Familiar with Access Data FTK Imager, Registry Viewer, Volatility, Strings, etc.

About the Book

This book will expand on the NIST Cyber Security Framework subcategories and informative references to help small businesses with its implementation. Topics covered in this book include:

• Reference to NIST Cybersecurity Framework (CSF)
• Legal and Regulatory Compliance: HIPAA, PCI, GLBA, SOX, etc.
• A walkthrough on how to implement the NIST CSF 98 subcategories, and possible products and services options to address your Cybersecurity needs and requirements.