Select Page

Helping You Forge Automated
Cybersecurity Capabilities

TRUSTED  I   EXPERIENCED  I   RESULTS-DRIVEN

Our mission is to dramatically increase the efficiency and effectiveness of your cybersecurity practices through process improvement and automation

Our Services 


Proposal Support

Does your must-win proposal have an OSCAL, cATO or cybersecurity automation requirement? Would that be a discriminator?

We have excellent win-rate architecting cybersecurity responses.

OSCAL Enablement

Trying to determine how to get started with OSCAL?

Let the co-author of the OSCAL specification help you determine the best starting point and approach for your organization.

Training

Canned or tailored training available for your sales, proposal and technical teams.

Enterprise Security 
Architecture

Increase the efficiency and effectiveness of your organization’s cybersecurity practices across your portfolio of systems and teams.

FISMA/FedRAMP/CMMC Alignment

Unlock a massive market by embracing Federal cybersecurity requirements or improve your existing capabilities to achieve better margins and expand your customer base. We can help you reach these goals faster and more efficiently. 

Solution Architecture

From enterprise harmonization to point-solutions, we help you understand options, design solutions, and ensure implementation efforts remain on target.

Our product agnostic approach ensures we work in your best interest.

Our Clients

Strategic Design
Sensible Implementation

Our solutions start out aspirational and are aligned to the realities of your scope and resources. Our unique mix of experience with enterprise IT and cyber operations, regulatory compliance, standards alignment, process improvement, and system development methodologies ensure you experience benefits as soon as possible and to the greatest degree practical. 

Ready for the next steps?

Contact us for a free consultation.
Let's discuss your goals and determine how we can best help you! 

Meet Brian

Brian is the architect and co-creator of the Open Security Controls Assessment Language (OSCAL) and inaugural chair of the OSCAL Foundation. His achievements are built on 35 years of experience with information technology (IT), quality management, business process re-engineering (BPR), and cyber solution architecture. In 2024 Brian started Ruf Risk to focus on his passion for serving organizations as they seek to enhance their cybersecurity practices.

News and Updates

FedRAMP 20x: Stay the Course! Prepare to Move Faster!

FedRAMP 20x: Stay the Course! Prepare to Move Faster!

March 26, 2025 I like sailboats. They are a time-honored method for crossing a large body of water. Tried and true! Elegant! I also like motorboats. While their engine adds complexity, they are more maneuverable and allow you to travel faster. Sometimes you need speed...

Supporting the OSCAL Foundation

Supporting the OSCAL Foundation

Ruf Risk is proud to be an inaugural member of the Open Security Controls Assessment Language (OSCAL) Foundation! This critical global partnership between government, industry and academia was launched to advance the development and adoption of standards to automate...