About Us
Our Story
Triumvirate Cybersecurity was established in 2024 to provide best-in-class information security governance, risk, and compliance services to customers pursuing CMMC certification with a focus on small and midsize businesses. We were founded by a security & compliance leader who led an organization to be one of the first 50 to pass an audit as part of the CMMC early-adopter Joint Surveillance Voluntary Assessment Program.
With the knowledge and expertise gained from sitting in the same seat where our customers will sit, and supported by experience across a range of compliance frameworks, Triumvirate Cybersecurity was created to meet the urgent need for qualified CMMC preparation guidance among the DIB. Following trends in the security and compliance landscape, we've identified additional areas of need related to the emerging FAR CUI Rule and Canadian Program for Cyber Security Certification (CPCSC). These programs share a common foundation with CMMC, allowing us to utilize our expertise to help even more people meet their compliance needs.
If you’re a business working with the U.S. or Canadian federal government, you know change is coming. We're here to help you make sense of the requirements, implement a robust information security program, and meet your compliance objectives so you can focus on doing what you do best.
Our Approach
No two organizations are alike, so we take a collaborative approach to IT security and compliance. We believe compliance is achieved most effectively through partnership across organizational boundaries and by involving both internal & external stakeholders. We take the time to understand each customer's unique environment, business drivers, and objectives.
Our approach is grounded in transparency, communication, and respect for your expertise in your field. We work alongside your team to develop practical, scalable solutions that fit your operations and culture – not just check the boxes.
We understand there are many challenges organizations must wrestle with, such as competing priorities, knowledge gaps, and budgetary constraints. Our goal is to be a partner: helping your organization identify and implement solutions that fit your unique circumstances. There are many paths to compliance, and we'll help find the right one for you!
Our Leadership Team
David Sutherin
Founder & Cyber Compliance Program Director
With a B.S. in Computer Science and an M.B.A in Cybersecurity, David has both the technical and entrepreneurial background to foster customer success. After serving as the IT security and compliance lead for one of the first organizations to pass a CMMC JSV assessment, he launched Triumvirate Cybersecurity to provide his unique perspective to companies seeking enhanced security & certification. With a history across frameworks including NIST SP 800-171, ISO 27001, PCI-DSS, GDPR, and HITRUST, along with certification as a CISSP and CyberAB RPA, customers can be confident they're receiving expert guidance on his watch.
Alex Wood
Co-Founder & Lead Project Manager
Alex is a multi-faceted professional who has worked across organizations both small and large. From operations management at a small mom-and-pop shop to accounting at a Fortune 50 company, her diverse experience brings invaluable context and insight to Triumvirate Cybersecurity’s operations. Over the last several years, she has immersed herself in cybersecurity and the CMMC framework to learn about the new and exciting topics impacting businesses, including gaining certification as a CyberAB Registered Practitioner (RP). As the organization’s self-proclaimed “Chief People Wrangler,” she diligently ensures all stakeholders understand their responsibilities, projects are delivered on-time, and results exceed expectations.
