// Case Studies

Real engagements. Measurable outcomes.

Selected work from Dephiant's vCISO, incident response, cloud security, and compliance practices. Details anonymized where required by NDA.

Regional bank reaches SOC 2 Type II in 11 months
Financial Services | vCISO / Fractional CISO

Embedded vCISO leadership delivered a clean SOC 2 Type II audit with zero exceptions, unlocking three enterprise deals.

Audit exceptions: 0
Time to Type II: 11 months
Enterprise pipeline unlocked: $4.2M

Series B healthtech builds a HIPAA program around a fractional CISO
Healthcare | vCISO / Fractional CISO

Replaced ad-hoc compliance with a named security leader, a written roadmap, and a HIPAA Security Rule program that survived an enterprise customer audit.

Customer audit: Passed
BAAs executed: 31
Deal closed: $1.8M ARR

B2B SaaS rebuilds board-level security reporting after CISO exit
Software | vCISO / Fractional CISO

Stepped in 11 days after the CISO resigned, kept SOC 2 surveillance on track, and ran the next two board meetings without disruption.

SOC 2 surveillance: Clean
Board meetings led: 2
Permanent CISO seated: 8 months

Specialty hospital network blunts ransomware staged against a peer
Healthcare | Cyber Intelligence

Sector-focused intel surfaced infrastructure overlap with a peer hospital intrusion 96 hours before the affiliate pivoted to our client.

Indicators blocked: 142
Affected systems: 0
Time from intel to block: 6 hrs

B2B SaaS catches typosquatted dependency before production deploy
Software | Cyber Intelligence

Dependency-focused intel flagged a typosquatted npm package on the build server seven minutes after publication, blocking a credential-stealing payload.

Time to detect: 7 minutes
Credentials exfiltrated: 0
Build pipelines hardened: 12

Manufacturer segments OT network ahead of ransomware wave
Manufacturing | Cyber Intelligence

Network segmentation and proactive intel monitoring kept three production lines online during a sector-wide ransomware campaign.

Production downtime: 0 hrs
Intel-driven blocks: 27
Cyber insurance premium: −18%

B2B SaaS rebuilds AWS landing zone, cuts cloud risk by 71%
Software | Cloud Security

Replaced a single-account AWS sprawl with an Organizations-based landing zone and reduced critical CSPM findings from 312 to 90.

Critical findings: −71%
Long-lived keys: 19 → 0
IAM tickets / week: −84%

Manufacturer modernizes Azure tenant before a $90M ERP cutover
Manufacturing | Cloud Security

Re-architected an unmanaged Azure tenant into a Cloud Adoption Framework landing zone in time for the ERP go-live.

High findings: 612 closed
ERP cutover: On-time
Privileged accounts: −68%

AI startup hardens GCP for an enterprise model deployment
Artificial Intelligence | Cloud Security

Locked down GCP projects hosting model training and inference so a Fortune 100 customer could approve production deployment.

Tenant isolation: Per-project
Service-account keys: 23 → 0
Enterprise approval: Granted

Industrial group ships a plant copilot with documented safety rails
Manufacturing | AI Guardrails

Wrote the policy, evaluation harness, and human-in-the-loop controls that let an operator-facing LLM ship to 14 plants without slowing safety review.

Hazardous outputs: 0 in eval
Plants live: 14
Legal review time: −62%

AI startup ships LLM features with documented guardrails
Artificial Intelligence | AI Guardrails

Built a prompt-injection test harness and policy framework that let a 12-person team launch enterprise LLM features in 6 weeks.

Adversarial prompts blocked: 97%
Time to launch: 6 weeks
Enterprise deals unblocked: 5

AmLaw firm rolls out an AI use policy across 480 attorneys
Legal | AI Guardrails

Replaced an outright ban with a tiered policy, vetted toolset, and evaluation pipeline that satisfied ethics counsel and the executive committee.

Attorneys covered: 480
Shadow AI tools: −91%
Sanctioned tools: 4

AI startup stands up enterprise-grade IT before Series B
Artificial Intelligence | IT Advisory

Translated a founder-built IT environment into an enterprise-ready stack (identity, endpoint, ticketing, and procurement) in 90 days.

Controls satisfied: 100% of diligence list
Time to operate: 90 days
Diligence delay: 0 days

Boutique law firm rationalizes a sprawled SaaS portfolio
Legal | IT Advisory

Cut 41 redundant SaaS tools, consolidated identity onto a single IdP, and freed $612k in annual spend.

Tools retired: 41
Annual savings: $612k
Renewals under review: 100%

Specialty retailer standardizes store IT across 92 locations
Retail | IT Advisory

Replaced eight overlapping point-of-sale and back-office stacks with a single reference architecture and a written rollout plan.

Stores converted: 92
Ticket volume: −51%
Mean rollout time: 1.5 days/store

International law firm certifies to ISO 27001 across three offices
Legal | Compliance

Ran the certification end-to-end, from gap assessment to surveillance plan, across NY, London, and Singapore in 9 months.

ISO 27001 certified: Yes
Offices covered: 3
Non-conformities: 0 major

E-commerce brand passes PCI DSS 4.0 after failed audit
Retail | Compliance

Rebuilt scoping, segmentation, and quarterly scans to clear PCI DSS 4.0 in 90 days after a failed QSA assessment.

PCI DSS 4.0: Passed
CDE host count: −62%
Days to remediation: 90

EdTech platform clears statewide FERPA review for K-12 contract
Education | Compliance

Authored the FERPA, COPPA, and state data-privacy artifacts that unlocked a statewide deployment to 612 districts.

Districts cleared: 612
DPA turn-around: 5 days
RFP: Awarded

DTC retailer contains a Magecart skimmer in 4 hours
Retail | Incident Response

End-to-end IR for a JavaScript skimmer injected via a third-party tag manager, contained and notified within a single business day.

Containment time: 4 hrs
Cards exposed: 0 confirmed
CSP coverage: 100% of checkout

K-12 district restores classrooms after ransomware in 6 days
Education | Incident Response

Stood up incident command, recovered backups, and rebuilt domain trust in time for classes to resume after Thanksgiving.

Classes resumed: 6 days
Data exfiltration: None confirmed
Insurance reimbursement: Approved

Logistics provider rehearses ransomware before it hits
Logistics | Incident Response

Two executive tabletop exercises surfaced 14 broken assumptions in their IR plan, fixed before a real Akira intrusion later that quarter.

Gaps remediated: 14 / 14
Insurance renewed: Yes
Real-incident downtime: 4 hrs

EdTech platform shuts down a coordinated account-fraud ring
Education | Intelligence Support

Open-source and dark-web intel mapped a fraud ring abusing free-tier accounts to launder stolen cards, and powered a coordinated takedown.

Fraud-ring accounts removed: 1,420
Chargebacks: −66%
Takedowns supported: 9

Trucking carrier protects drivers from coordinated doxxing
Logistics | Intelligence Support

Monitoring forum chatter and breach data preempted a doxxing campaign targeting drivers handling high-value freight lanes.

Driver records scrubbed: 210
Doxxing incidents: 0 post-program
Time-to-takedown: < 48 hrs

International nonprofit defends against mission-targeted intrusions
Nonprofit | Intelligence Support

Country-team-aligned intel briefs let security ops pre-position defenses before two state-aligned phishing waves.

Phishing waves blocked: 2 of 2
Country leads trained: 38
Indicator-based blocks: 612

3PL builds an on-time-delivery analytics platform in 12 weeks
Logistics | Advanced Analytics Implementation

Replaced a spreadsheet-driven KPI process with a governed warehouse, semantic layer, and shipper-facing dashboards.

Time to ship: 12 weeks
On-time accuracy: 94%
Manual reports retired: 31

National nonprofit modernizes donor analytics, lifts retention 18%
Nonprofit | Advanced Analytics Implementation

Built a governed donor-analytics stack and segmentation models that improved retention and reduced wasted appeal spend.

Donor retention: +18%
Appeal cost / dollar raised: −24%
Dashboards live: 21

Regional utility cuts load-forecast error in half with ML pipeline
Energy | Advanced Analytics Implementation

Replaced a legacy load-forecasting spreadsheet with a governed ML pipeline and an operator-facing review workflow.

Forecast MAPE: 7.8% → 3.6%
Imbalance charges: −$1.4M / yr
Model documented: Yes

Nonprofit publishes a 3-year digital transformation roadmap
Nonprofit | Digital Transformation Strategy

Aligned 14 program areas on a single transformation roadmap with named owners, dependencies, and quarterly outcomes.

Initiatives sequenced: 27
Duplicate spend identified: $1.1M
Board-approved roadmap: Yes

Energy utility ships a modern customer portal in 11 months
Energy | Digital Transformation Strategy

Authored the strategy, RFP, and program governance for replacing a 12-year-old self-service portal serving 1.2M customers.

Call-center deflection: +32%
WCAG 2.2 AA: Conformant
Customer NPS: +24 pts

Mid-size city authors a unified resident-services strategy
Government | Digital Transformation Strategy

Replaced 11 department-by-department service portals with a unified strategy, accessibility baseline, and procurement plan.

Department portals: 11 → 1 (planned)
Accessibility baseline: WCAG 2.2 AA
Council adoption: Unanimous

Electric utility rolls out zero trust across 4,200 endpoints
Energy | Enterprise IT Solutions

Delivered identity-, device-, and network-layer zero-trust controls across a hybrid utility environment without disrupting field operations.

Endpoints onboarded: 4,200
VPN dependency: −92%
Lateral-movement incidents: 0

County government migrates 6,800 mailboxes to Microsoft 365
Government | Enterprise IT Solutions

Cut a multi-year migration plan in half by leading the discovery, identity baseline, and rollout for a CJIS-regulated environment.

Mailboxes migrated: 6,800
Migration window: 14 months
CJIS findings: 0 open

National broadcaster modernizes identity for 9,400 staff and contractors
Media & Entertainment | Enterprise IT Solutions

Replaced 11 legacy directories with a single IdP and lifecycle automation that survived live-production cutovers.

Directories retired: 11
Offboarding SLA: < 4 hrs
Help-desk identity tickets: −61%

State agency stands up a digital accessibility program
Government | DEI Tech Consulting

Replaced reactive ADA complaints with a proactive program: standards, tooling, training, and a procurement gate.

WCAG 2.2 AA conformance: 92% of in-scope pages
Open ADA complaints: −74%
Engineers trained: 140

Streaming media company embeds inclusive review into the product pipeline
Media & Entertainment | DEI Tech Consulting

Built a repeatable inclusive-design review (accessibility, captioning, and representation) for every product launch, and trained 320 product staff.

Caption coverage: 98% of catalog
Post-launch accessibility hotfixes: −78%
Product staff trained: 320

Fintech redesigns onboarding for screen-reader and low-bandwidth users
Financial Services | DEI Tech Consulting

Cut onboarding drop-off for screen-reader users by 41% and improved performance for low-bandwidth markets.

Screen-reader drop-off: −41%
3G conversion: +27%
WCAG 2.2 AA: Conformant

Media company decommissions two data centers, cuts IT emissions 38%
Media & Entertainment | Sustainability & Green IT Consulting

Replaced two aging data centers with a hybrid-cloud target operating model, cutting scope 2 IT emissions and recurring lease cost.

Scope 2 IT emissions: −38%
Annual lease savings: $2.4M
Data centers retired: 2

Regional bank pairs FinOps with carbon accounting for cloud
Financial Services | Sustainability & Green IT Consulting

Embedded carbon-aware metrics next to cost in the bank's FinOps practice, surfacing $1.6M of right-sizing and a 22% IT emissions cut.

Cloud spend recovered: $1.6M / yr
IT scope-3 emissions: −22%
Workloads right-sized: 1,400

Hospital system reduces imaging-archive energy use 44%
Healthcare | Sustainability & Green IT Consulting

Migrated cold imaging archives to energy-efficient object storage and tiered access, saving cost and emissions without affecting clinical workflows.

Archive energy use: −44%
Annual storage savings: $840k
Clinical SLA breaches: 0

Global manufacturer stands up an enterprise cybersecurity governance program
Manufacturing | vCISO / Fractional CISO

Built a board-reporting governance program spanning 14 business units, with a single risk register, control catalog, and quarterly cadence.

Frameworks consolidated: 6 → 1
Board reporting cadence: Quarterly
Time to enterprise risk view: 5 months

National retailer transforms PCI DSS 4.0 compliance across 1,400 stores
Retail | Compliance & Audit Readiness

Re-architected the cardholder data environment and operationalized PCI DSS 4.0 future-dated requirements ahead of the 2025 deadline.

CDE in-scope systems: −72%
Audit prep time: 9 mo → 6 wk
Findings at ROC: 0 critical

Mid-market insurer builds a quantitative cybersecurity risk management program
Insurance | Risk & Compliance Strategy

Moved from heat-map risk reporting to FAIR-based quantification, enabling the board to trade off security spend in dollar terms.

Quantified top scenarios: 27
Planned ALE reduction: $18.4M
Approved security budget: +41%

Logistics provider rebuilds a security awareness program after a phishing breach
Transportation & Logistics | Security Awareness & Training

Replaced annual click-through training with a role-based program; phishing click rate dropped from 28% to 3% in two quarters.

Phishing click rate: 28% → 3%
Report-suspicious rate: 11% → 64%
Repeat-offender pool: −81%

Multi-product SaaS firm launches a cloud security governance initiative
Technology / SaaS | Cloud Security & Architecture

Standardized landing zones, guardrails, and CSPM across 3 AWS organizations to keep velocity while ending shadow-account sprawl.

Accounts under guardrails: 100%
High-severity drift MTTR: −68%
New-account provisioning: 3 days → 30 min

Biopharma launches an enterprise third-party risk management program
Healthcare | Third-Party / Vendor Risk Management

Tiered 1,200 suppliers by data and operational risk, automated assessments, and tied results to procurement gates.

Vendors tiered & assessed: 1,200
Assessment cycle time: −63%
Tier-1 continuous monitoring: 100%

Federal civilian agency accelerates cybersecurity modernization to meet OMB mandates
Government | Government & Public Sector Cybersecurity

Stood up Zero Trust architecture aligned to OMB M-22-09, with phishing-resistant MFA, EDR, and encrypted DNS across 40k endpoints.

Endpoints with EDR + eDNS: 100%
Privileged MFA (phish-resistant): 100%
ATO cycle time: 9 mo → 11 wk

MSP overhauls incident response and resilience after a ransomware near-miss
Technology / SaaS | Incident Response & Digital Forensics

Designed an MSP-grade IR playbook, ran tabletop and red-team exercises, and validated immutable backups for every client tier.

Mean time to contain (red team): −74%
Backup restore success: 100%
Client retention post-exercise: +12 NPS

R1 university launches a higher-education cybersecurity workforce development program
Education | Security Awareness & Training

Co-designed a stackable cyber credential pathway with industry partners, placing 240 students into SOC and GRC apprenticeships.

Students placed: 240
Employer hiring partners: 37
Time-to-first-cyber-role: −9 months

Global media company launches an AI governance and risk strategy initiative
Media & Publishing | AI Security & Guardrails

Built an AI governance program covering inventory, risk tiering, model evaluations, and human-in-the-loop guardrails aligned to NIST AI RMF and EU AI Act.

AI use cases inventoried: 186
High-risk gated pre-launch: 100%
Time-to-approval (low risk): −71%