Advisors // Greater Boston
Advisory & Fractional CISO Services

Security risk, deciphered.
Business outcomes, delivered.

Bridging the gap between technical complexity and executive decision-making — for mid-market companies, PE portfolio companies, and leadership teams that need a seasoned security partner.

Eric Galis
Cybersecurity Advisor & Fractional CISO
20 years securing enterprises and SaaS platforms across financial services, edtech, and publishing.
Former SVP & CISO, Cengage Group — built risk-aligned security and compliance functions
Vice-Chair, BostonCISO Advisory Board
Former PricewaterhouseCoopers consultant across 20+ financial services clients
★ 2025 Boston Enterprise CISO ORBIE Award Winner
  • $20M+: Revenue secured via compliance milestones
  • $10M+: Revenue protected from critical audit failure
  • 80%: Reduction in incident resolution time
  • 20yr: Enterprise cybersecurity track record

Where we work

Engagements are scoped to your actual situation - whether that's advisory services, a specific program gap, due diligence support, or a fractional CISO role.

// 01

AI-Enabled Product Security

Automating the security grind to maintain cybersecurity & product velocity — modern, high-scale practices.

  • AI-Powered Security Pipeline Implementation
  • Agentic False Positive Analysis
  • Automated Code Remediation & SAST/DAST Integration
  • Supply Chain Integrity & SBOM
  • Security Questionnaire Automation
  • Open-source tooling strategy
// 02

Strategy & Risk Management

Framework-aligned roadmaps and board-ready risk reporting for leadership teams that need security to function as a business enabler.

  • Fractional CISO Leadership
  • NIST CSF 2.0 & Compliance Readiness
  • Risk Quantification & Executive Reporting
  • 18-Month Strategic Roadmaps
  • Board & Audit Committee Briefings
  • Leadership Tabletop Exercises
// 03

GRC & Audit Readiness

From first-time compliance programs to recovery from a failed audit — structured, repeatable governance.

  • SOC 2 Type 2 Program Design
  • Partner & Customer Audit Recovery
  • IT General Controls (ITGC) Implementation
  • Policy Development & Rewrite
  • Vendor Risk Management
// 04

PE & VC Portfolio Advisory

Security diligence and rapid program assessment for investors.

  • Pre-Acquisition Security Diligence
  • Post-Close Program Assessment
  • Interim Security Leadership
  • Risk Posture Reporting for Investment Committees
  • Security as a Value Creation Lever

The plaintext version

Most security advisors speak to CISOs. I speak to CFOs, CTOs, and board members — translating technical risk into business decisions that protect revenue, enable growth, and satisfy auditors.

I've built security programs from scratch in resource-constrained environments and scaled them eight-fold. My approach is direct, outcome-focused, and grounded in 20 years of doing this work.

// AWARD

2025 Boston Enterprise CISO ORBIE Award

Recognizing outstanding technology leadership in the Greater Boston market.

// BOARD

Vice-Chair, BostonCISO Advisory Board

Active participant in peer leadership and industry direction since 2024.

// PREV

SVP & CISO, Cengage Group (2017–2025)

Led 32-person security function, $9M budget, 15M+ end users.

Ready to move from ciphertext to plaintext?

Engagements typically begin with a no-cost 30-minute strategy briefing.

PHONE (617) 752-1230
LOCATION Greater Boston, MA