Stephen Mazza Joins BMF as Partner!

BMF welcomes with pride and purpose, our newest partner and member of the firm, Stephen Mazza!

Every day at companies of every size, ransomware, financial attacks and IP theft take place. The notion that firewalls and passwords are protecting them is a fallacy. In fact, the greatest exposure to their data and bank accounts isn’t their network readiness, but the fact that their own people can serve up everything they own to a hacker without ever knowing they did it.
Our Cyber Technology Group offers a package of IT, network and cybersecurity services that goes beyond the traditional offerings found in the industry. We work with the C-suite on steps to improve their network readiness and cybersecurity infrastructure and provide IT departments the tools and systems they need to run an effective, strategic department that can function above the daily “fire-fighting mode.”Serving as critical business partners with our clients, we understand how businesses run and where top vulnerabilities are likely to be. Through this evolution of service offerings, we are equipped to serve our clients with the skills, tools and resources they need to run an effective IT department while protecting their most critical component – their data.

Our longevity with clients coupled with our expansive business and IT knowledge helps address the “cybersecurity insecurity” felt by many executives, even more so than a technician or a traditionally managed service provider.

What should you ask a Cybersecurity Professional?
We’ve put together a list of questions you should ask to ensure reputable credibility.


AssessmentsPenetration TestingConsultingTraining & Monitoring
An expert look into your IT and security operations. You'll get a detailed executive report and cybersecurity scorecard, along with recommended best practice guidance.
  • General Assessments
    • Network Security
    • IT Operations
    • Functional Audits
  • Maturity Assessments
    • Cyber Security Program
    • Framework Alignment (NIST/CIS)
Put your controls to the test as our team simulates attacks against your systems. You'll get a full report and remediation guide to further train your team and enhance your security.
  • External Network Testing - We perform a vulnerability scan of any public-facing systems from your organization. We manually verify any issues and work to exploit vulnerabilities according to the scope of work.
  • Internal Network Testing - We perform and validate scan results on ports, computers, devices and networking equipment and work to manually exploit our findings.
  • Social Engineering - We target your organization's employees to see if they can identify and withstand a would-be attacker. We vary these to align with your company's security maturity with a corresponding increase in sophistication.
  • Physical Security - We work to bypass physical controls to your buildings and restricted/secure areas. With our background in access control, we help you uncover gaps in physical security coverage and recommend changes accordingly.
Custom solutions that are tailored to your specific needs. You'll get the security solution you need that fits your business right now.
  • Outsourced Leadership
    • Virtual CIO
    • Virtual CSO
  • Business Continuity
    • Incident Response Plan Review
    • Tabletop Exercises
  • Custom Engagements
    • Solutions tailored to your unique needs
Security awareness is the starting point for a security program. You'll get online video training and email alerts if a user's credentials are compromised on the dark web.
  • Training & Monitoring
    • Phishing Campaigns
    • Dark Web Monitoring
    • On-site Training Seminars
Have questions? We’re here to help.    ASK US

Practice Leaders

Bryan M. Smith

Director of IT



Contact Us