The complexities of cybersecurity aren’t lost on Lawrence Cruciana. Yet, he recognizes that simplicity is the cornerstone of success.
“We’re focused on bridging the usability gap. We have always viewed technology as a business enabler,” explained Cruciana, president of Corporate Information Technologies (Corp Info Tech), a Charlotte, NC-based MSP specializing in security and compliance. “Too often the focus is on security protections at the expense of business productivity. People wind up not being able to get their work done.”
This pragmatic attitude — fashioned over three decades in the IT world — has catapulted the firm to the upper echelon of MSPs. It also has helped the company stay relevant. Corp Info Tech serves organizations from the Charlotte area and beyond. Its client lineup includes national defense contractors, banks, and state and local governments.
The company’s formula is to position itself as a center of expertise. Remarkably, Corp Info Tech was the first organization to achieve CIS Controls accreditation by the Center for Internet security (CIS) in 2023. It’s also on track to be among the first MSPs to attain a Cybersecurity Maturity Model Certification (CMMC) Level 2 certification.
“It’s impossible to solve problems with technology alone,” Cruciana noted. “Sometimes, a specific product is the answer; sometimes, it’s a process or people — or a combination of all three. Cybersecurity, data privacy, and compliance are critical elements, but the common theme is that they must support the business.”
Building Success
Businesses often approach Corp Info Tech after experiencing a string of frustrating, problematic encounters with MSPs, Cruciana said. “In many cases, they have either outgrown their previous MSP or discovered that it simply wasn’t a good match.”
Lawrence Cruciana
Cruciana strives to set himself apart from the competition. He makes it a point not to hard-sell a particular technology stack with assorted add-ons. “We work hard to understand the business, information assets, and the level of risk. At that point, we can determine how best to mitigate and manage the risk.”
This holistic approach requires a broad and deep understanding of both business and IT. Cruciana said he relies on CIS Critical Security Controls. These establish a set of best practices and a prioritized list of actions around the most frequent cyberthreats. He focuses on bridging the gap between technical knowledge and business strategy.
“We recognize that clients are not technologists or experts in cybersecurity,” Cruciana observed. “They aren’t interested in a particular vendor or product. They just want to lock down their data and keep systems safe. Our goal is to help them run their businesses as effectively and securely as possible.”
Keeping an Eye on Performance
Corp Info Tech is a pioneer in cybersecurity. It established this position by focusing on industry standards.
Since its inception, the firm has tapped holistic and structured frameworks like CIS Critical Security Controls, ISO 27001, and CMMC to enhance its capabilities and apply proven methods to projects.
Take CMMC, which the U.S. Department of Defense (DoD) developed and requires for contractors. It assesses cybersecurity capabilities through a formal framework of asset management, risk assessment, incident response, access controls, configuration tools, and cybersecurity training. “It continues to raise the bar for cybersecurity in the defense supply chain,” Cruciana emphasized.
The certification process is a multistep effort. It involves self-assessment, third-party assessment, and potential remediation efforts. “It is not for the faint at heart,” Cruciana cautioned.
Nevertheless, there is enormous value to these certifications, he said. “We have always approached them with a basic question: What is the value? In our case, it’s a way to showcase our knowledge, skills, and commitment to a highly effective cybersecurity framework.”
The structured approach succeeds, he insisted, because it delivers a straightforward and comprehensible framework for dealing with cybersecurity issues — and communicating the firm’s business philosophy to clients. “We publish our security standards, and we have no problem talking to clients about every aspect of the solutions we offer.”
Certified Results
A focus on customized solutions, critical certifications, and high-level expertise from the service desk to senior leadership has catapulted Corp Info Tech to the top of the industry. It has helped MSPs navigate a rapidly changing world with increasingly complex technologies and business requirements.
Concluded Cruciana: “Cybersecurity is an ongoing journey, and certifications help us align our business with the latest and most effective methods.”
Images: Corp Info Tech
