A Passion for Security

cyber security near syracuse ny from orion secure cyber security lock

About Orion Secure

Orion Secure, Inc. is an independent, premier information security consulting firm based in Syracuse, NY, specializing in cybersecurity regulatory compliance, cyber risk management, and comprehensive security assessments. Since our founding in 2009 as Cyber Defense Institute, we have earned a reputation for excellence, built on integrity, expertise, and an unwavering commitment to our clients’ success.

Our approach is rooted in professionalism and independence. We ensure that every recommendation and solution is tailored solely to our clients’ needs, free from external influence. We pride ourselves on cultivating long-lasting partnerships with small and mid-sized organizations by consistently delivering superior service and measurable results.

Our reputation speaks for itself. The strength of our business lies in referrals—testimony to the trust we’ve earned and the high-quality service we provide. At Orion Secure, we are dedicated to empowering our clients to meet their cybersecurity challenges confidently while fostering a collaborative relationship that extends well beyond a single engagement.

Orion Secure can assist you or your organization in all facets of network security and compliance.

A CSI/FBI Survey estimates that over 85% of all crimes today involve a digital device that contains a digital signature.

Brandon Finton, MS, CISSP, CISM

President, Principal Consultant Orion Secure, Inc.

Brandon Finton is the President and Principal Consultant of Orion Secure , a firm specializing in tailored information security and compliance consulting for highly regulated industries. Brandon and Orion Secure have experience in many markets including financial services, insurance, retail, healthcare, manufacturing, and defense. Since joining Orion Secure in 2015, Brandon has leveraged over 15 years of experience in technical and managerial roles to support client’s evolving security needs. His previous roles include Information Security Supervisor for a large community hospital, Infrastructure Engineer for a hospital system, System Administrator at an Ivy League university, and Software Quality Assurance Engineer for a global business process outsourcing firm. Throughout his career, Brandon has supported organizations in achieving compliance with various data security standards such as HIPAA, PCI DSS, NYS DFS, CMMC, and GLBA. He adopts a standards-based approach informed by NIST or other applicable frameworks, assisting clients with gap assessments, compliance management, risk management, audit support, and technical assessments, including vulnerability management and penetration testing. Brandon also has substantial experience in disaster recovery planning and incident response, having participated in multiple declared information system disaster recoveries. Brandon holds a master’s degree in Telecommunications and Network Management from Syracuse University and a bachelor’s degree in business management from the Rochester Institute of Technology. He is a Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM). Brandon also was certified as a Certified Ethical Hacker (CEH) from 2009-2024. Brandon contributes to the field of information security through speaking engagements at industry conferences, as a board member of the Central New York ISACA chapter, and providing NYS DFS approved continuing education courses.

Jim Shea

Founder

Before founding Orion Secure in 2009 as the Cyber Defense Institute, Jim was also the founder and director of the Center for Business Information Technologies (CBIT) at Syracuse University.  At CBIT he spent 15 years developing and managing information technology (IT) training and certification programs. Jim holds a master’s degree in information systems and network management from Syracuse University’s School of Information Studies and he has completed his coursework and passed all competency exams for a PhD in Instructional Design, Development and Evaluation at Syracuse University. Jim has over 30 years in the IT field and over 14 years’ experience as a consultant in the information security field. Jim is a frequent speaker at tech conferences and professional association meetings on the topic of information security.

 

Why Orion Secure?

Our Professional Team

Our team of professionals holds advanced degrees and security certifications and has many years of IT security experience to bring to the table. We understand both management and technical issues, and our associates are passionate about security. We also teach security to IT professionals, the military, and graduate students.

Independent

Orion Secure is independent and unbiased because we do not sell security products such as hardware or software to fix problems that we find. We help you select the most cost-effective solutions to address security risks using industry best practices.

Read more about our statement on independence.

Our Methodology

Orion Secure takes a pragmatic risk-based approach to discovering and analyzing the areas of most significant cyber risk to your organization. We will focus our services on identifying the most critical cyber risks to maximize your investment and mitigation in risk assessment.

Our Ethics

Confidentiality and professional ethics are at the top of our corporate priorities. Our professional staff subscribes to the ISC2 and ISACA codes of ethics for security professionals. Trust is the basis of any good relationship, and we work very hard to earn and maintain your trust.

Our Services

Orion Secure's services are limited to cyber security compliance, technical and risk assessments, cyber forensics, and cyber security training. 

These services include:

  • Penetration Testing and Web Application Security Assessments

  • Virtual CISO services

  • Threat Monitoring as a Service

  • Risk Assessment

  • Compliance and audit prep services

  • Staff Training and Mentoring

Our services help your organization address compliance issues, including: PCI, HIPAA, GLBA, NYS DFS, etc.

Our Value

Orion Secure provides value to your organization by reducing the risk of a cyber-attack.  By working with our professionals, we will help you to strengthen your defenses, identify the unique risks that threaten your environment, train your staff to identify, protect, detect, respond, and recover from threats or incidents, and most importantly help you continue to meet your mission uninterrupted. We value close relationships with our clients and strive to provide timely and exceptional service.

Expertise in Cyber Security

Orion Secure’s information security experts use years of experience across multiple industries to provide a comprehensive view of your company’s information security posture. Working with us allows you to take advantage of our knowledge in your industry and many similar industries.

Successful Track Record in Cyber Security

Orion Secure’s work with our clients has been audited by multiple government and independent auditors across multiple industries. We know what it takes to help protect your business while also complying with any regulations or requirements you may have.

Our Competitive Advantage

We provide:

  • Personalized attention: as a smaller cybersecurity company, we maintain a smaller client base, which allows us to provide more personalized attention and customized solutions to their clients.

  • Faster response time: Orion Secure does not have the layers of bureaucracy that larger companies have, allowing us to make decisions and respond to client needs more quickly than our larger competitors.

  • Greater flexibility: Orion Secure is more nimble and adaptable to changes in the cybersecurity landscape, which can be important in the fast-moving world of cybersecurity.

  • Competitive pricing: Orion Secure offers more competitive pricing than larger companies due to lower overhead costs and more streamlined operations.

  • Innovation: Orion Secure is more innovative and agile, as we can often take risks and experiment with new ideas more quickly than larger companies.

  • Independence: We do not partner with, affiliated with, or owned by another IT services company. We don’t install and configure systems. We strictly provide our professional opinion on what is best for you based on our decades of experience, regardless of what systems you use or who you partner with. Read more here