Cyber security risk management
Technology and cyber security are a journey. We partner with our clients to identify their biggest risks and develop effective solutions for managing those risks.
Jeffrey Groman, Founder and Principal
I am dedicated to helping my clients identify and address their cybersecurity risks, providing high value and unmatched responsiveness. With over 25+ years of experience I work with security teams and internal audit to develop high impact audit plans. I have seen the evolution of threats while staying current with attack trends and technologies such as cloud computing and advances in AI. I help my clients through conducting audits to identify risks and follow up with remediation advice to help close the gaps.
What our clients say about us
Trusted partner
Jeff is a great partner and trusted resource to our Internal Audit team, consistently providing valuable expertise in IT cybersecurity. His contributions to audits and projects have helped us provide meaningful recommendations to strengthen our organization’s security environment. Jeff is dependable and easy to work with, and his knowledge and insights are highly respected by our internal IT team. Their confidence in Jeff’s expertise has made collaboration smooth and effective, and we truly appreciate the value he brings to our efforts.
Florina Dekalo
Chief Audit Executive, Northwestern Medicine
A partner needed a very quick turnaround on a third party audit...Groman Cyber was able to meet the timeline and develop a thorough plan for a company of their size...I read the final report and was very pleased at the insights contained within.
I have no reservations recommending Groman Cyber to attend to your information security needs.
Jon Busey
Solutions Architect, b-tech
Responsive and insightful
Professional and talented
Jeff is a consummate professional and exceptionally talented at what he does. I've had the pleasure of working alongside Jeff over the past 8 months, and have always been impressed with his knowledge, intelligence and ability to produce impactful results under pressure. He's a joy to work with, and I look forward to working with him again!
Nate Shockey
VP Services, Abira Security
Our Services
Assessment and Audit Support
Groman Cyber will partner with you to run technical assessments and audits against a custom scope of your assets. Typical examples include:
Database and data security
Vulnerability management and patch management
Asset management
Cloud security
Identity and access management
Software development lifecycle
Third party risk
Disaster recovery and business continuity
Tabletop Exercises
Groman Cyber develops a custom scenario that fits your business - including your technologies, risks and security tools. Tabletop exercises simulate a real-world attack, but the entire exercise is spoken. No actions are performed as part of the exercise. The exercises are performed by client staff and moderated by Groman Cyber, and they can be run onsite or remotely. We typicall include two separate sessions. One session for the technical staff and a separate session for your executive leadership.
Penetration Testing & Offensive Security
Groman Cyber offers custom scope security testing for a variety of business needs. We use a combination of commercial, open source and custom made tools depending on the nature of the testing being performed. Typical testing scopes include:
Web applications
External penetration testing
Red Team or offensive security
Wireless networks
Embedded systems
IoT
ICS/SCADA devices
Emerging Threats and Technologies
Whether you’re looking for an update on recent attacks and threats to your industry, or help developing policies for securing new technologies like AI, Groman Cyber will partner with you. Here are some emerging topics that we get requests to help with:
Integrating AI into existing workflows and exploring new workflows designed to integrate with agentic AI and Retrieval Augmented Generation (RAG)
Integrating cyber risk with the Enterprise Risk Management (ERM) framework
Providing updated cyber risk profiles for board of directors’ consumption
Our [Extended] Team
We are a group of technologists and security professionals that are passionate about helping your company develop and integrate the latest technologies while addressing the business and cyber risks your company faces.
Our extended team includes our partners that we have worked with and have developed personal and professional relationships with in order to deliver the best possible service and value to our customers.
