A commitment to security and privacy.

Marvon is a Cyber Security, DevSecOps, and compliance consulting firm offering vCISO and vCTO services.

Building exterior in Toronto, Canada

A passion for solving problems.

Security and privacy principles are the same for virtually every business. How they are applied takes care and understanding of the business we are trying to protect and the goals we are trying to achieve.

Program Development

We help implement a complete privacy and risk management program tailored to your compliance and privacy needs.

Risk Management

Risk management requires a holistic approach that looks beyond just information systems. We help develop risk management programs that look at all aspects of business risk.

Compliance and Audit Readiness

We help manage the entire audit readiness process. From discovery of gaps to directly managing the audit process, we work with you and your assessor to guaranty success.

CI/CD pipelines

Security and privacy practices around software deployment and supply chain management are critical. We can help design pipelines purpose built for compliance.

DevSecOps

Operating infrastructure should be a reliable, repeatable process, and should have privacy, stability and security practices deeply integrated. A mature DevSecOps practice should be business-as-usual to meet compliance requirements.

Architectural Solutions

Whether it’s a ground up build, upgrade, migration, or compensating control, we can help architect technology to balance your confidentiality, availability and integrity requirements with your business goals.

Any business, any industry

Cyber-security tools and technology are constantly evolving, but security principles are simple and apply to any organization, no matter the industry. It always starts with the basics. Do the basics well and grow your security posture from there.

Compliance for any framework

Not all compliance and risk frameworks are created equal. Some are very broad, some very industry specific, and others very prescriptive. All follow similar general principles and in the end seek to manage and mitigate risk. Below are some of the most common compliance standards and risk frameworks we work with.

  • CMMC
  • ISO
  • GDPR
  • HIPAA
  • HITRUST
  • NIST
  • PCI
  • SOC
Tourist taking photo of a building
Windows of a building in Nuremberg, Germany

vCISO/vCTO

  • Technology and security leadership
  • Compliance and risk management
  • Audit readiness and support

What truly sets Brian apart is his ability to translate enterprise security principles into practical solutions for an early-stage company. He found creative ways to implement robust security measures within our resource constraints while keeping our team agile and productive. His clear communication helped our small team understand not just what security measures to follow but why they mattered for a healthcare technology company.

CEO, Oplus Inc

Watch, Read, Listen