WELCOME TO
CARMEL CONSULTING LLC
Managing Your Risks - Protecting Your Data
Service Offerings
Cyber Security and data protection services for small and medium size business and non-profits.
Executive CISO and DPO Advisory Services.
Security & Privacy Compliance
Assisting your business meet regulatory or industry standard requirements such as:
HIPAA or PCI-DSS
ISO 27001 or NIST 800-53
GDPR or U.S. State Privacy Laws.
Security & Privacy Supply Chain Management
Supporting your business ability to manage third-party vendors due diligence product review, data protection language in contracts, on-boarding, annual review process and off-boarding.
Security & Privacy Risk Assessment
Performing a review of your business policies and technical activities based upon your business risk appetite and providing risk management options.
Business Continuity and Disaster Recovery
Aiding your business with planning and preparing for disruptive events such as pandemic, hurricane or fire to ransomware, phishing, or DDoS.
Security & Privacy Awareness, Training and Education
Teaching security & privacy best practices to your business. Help build a Security Awareness Program.
CISO & DPO
Act as your business Virtual or Interim CISO/DPO. Assist your business CISO/DPO with their workload. Mentor your key employee for the CISO/DPO role.
Hello
My name is Cheryl Carmel
I am a privacy and cybersecurity professional who advises business leaders helping them establish or improve their capabilities to protect data entrusted to them through commonsense cybersecurity principles.
I believe that building data protection and cyber security into the foundation and culture of a company is a compelling business enabler. I take a risk-based approach to achieve the desired security posture and recognize the importance of compliance frameworks. I have successfully navigated companies through the process to audit or certify to FedRAMP, NIST 800-53, ISO 27001, AICPA SOC 1, 2 and 3, HIPAA, PCI-DSS and Privacy Shield.
I am a Certified Information System Security Professional (CISSP) and Certified Information Privacy Technologist (CIPT). I have many years of experience in the technology industry and have dedicated the last 15 years to corporate Information Security and Privacy.
I have spoken at industry conferences for many years with focus on topics including improving incident response programs, creating security awareness programs, and building business continuity programs. I am an advocate to educate consumers on digital safety.
