Our Story
Theresa Robison (CISSP, HCISPP)
​
When Theresa isn't focused on Security, Privacy, Risk, or Compliance, Theresa is spending time with her family in Sandy Springs, GA, where she enjoys reading, crafting, trail running, rowing, kayaking, and generally spending time outdoors. She also serves as the Board Secretary and Governance Chair for the High Meadows School and Camp Board of Trustees, an independent school in Roswell, GA, whose mission is "to celebrate and perpetuate each individual’s quest for knowledge and skill, sense of wonder, and connection to the natural environment, [while empowering students and campers] to be compassionate, responsible, and active global citizens."
Theresa Robison has dedicated the last 15 years assisting SaaS companies, and their customers, in maturing their security stature through the design, development, implementation, and operationalization of security, privacy, and compliance tools, processes, and people / teams.
​
Theresa began her Security journey as a Software Developer, researching cutting edge intrusion protection systems for mobile devices and smart phones (B-SIPS), implementing stackable cryptographic file systems for the Linux kernel (eCryptfs) and early generation SIEM products (IBM TSOM), and architecting, implementing, and leading both Key Management lifecycle and tokenization product and service lines at Liaison Technologies (now OpenText).
In 2015, Theresa transitioned from leading Engineering teams in designing, developing, and managing Security products, solutions, and services into leading Global Information Security programs for SaaS organizations.
​
When asked why she had agreed to transition to the role of an Information Security Officer, Theresa simply replied that she feels an internal drive, and moral obligation, to help make things better (and more secure) when she can.
Years later - the drive remains.
Theresa has since led a variety of Security, Privacy, and Compliance initiatives, and is excited to bring those experiences to the table to assist you with your needs, including (but not limited to):
​
​
​
​
- Security strategic plans, roadmaps, and tracking
- Acquisition planning, due diligence and post-acquisition
- Cyber Liability Insurance Advising
- Legal / Security playbooks
- Product and Sales team assistance and advising
- Security and Privacy Steering Committees
- Policy creation and maintenance
- Standards, guidelines, and processes
- Compliance training (Security, Privacy, Secure Coding)
- PCI, SOC2, and customer audits
- FedRAMP Li-SaaS gap assessment and roadmap planning
​
- Security Incident Response programs
- Experience leading through Security Incidents
- Risk Management programs
- Business Continuity program
- Disaster Recover program
- Vulnerability Management programs
- Third Party Risk Assessment programs
- Data Loss Prevention program
​
For additional service options, please reference SERVICES.