Henry County & Metro Atlanta, GA

Your business
has blind spots.
Let's find them
before they do.

I'm a senior cybersecurity engineer based right here in Locust Grove. I'm the same person who secures a Fortune 500 company's entire network every day. Now I bring that same expertise to local small businesses, at a price that actually makes sense.

Book a Free 15-Min Call See why it matters ↓
CISSP Certified
No monthly contracts
Local to Henry County
First call always free
Background & Credentials
CISSP
Certified Information Systems Security Professional
The gold standard in cybersecurity. Held by fewer than 160,000 people worldwide. Required by the U.S. Department of Defense.
GCIH
GIAC Certified Incident Handler
Trained in how breaches happen and how attackers operate — which makes prevention far more effective.
SEC+
CompTIA Security+
Industry-standard security certification.
B.S.
B.S. Cybersecurity — Univ. of North Georgia
Academic foundation in security, networks, and systems.
Why small businesses trust me
🏠
Local to Henry CountyI live here. I'm not a faceless company billing you from Atlanta.
🎓
The highest certification in the fieldCISSP: required by the DoD, held by fewer than 160,000 people worldwide.
💼
5+ years at Fortune 500 scaleI secure a major Southeast utility company's entire network every single day.
💬
No jargon, no upsellPlain-English reports. Honest answers. No monthly contracts unless you want one.
Daily enterprise work
Endpoint Detection & Response
Identity & Access Management
Security Information & Event Management
MITRE ATT&CK Framework
Zero Trust Architecture
Security Automation & Scripting
Real scenarios — closer than you think

It's not a matter of if.
It's a matter of when.

Small businesses are attacked every 11 seconds in the U.S. Not because they're personally targeted. Because they're the easiest door on the street. Here's what it actually looks like.

Contractors & Trade Businesses
The vendor email that cost $40,000

It's a Tuesday morning. You get an email from what looks like one of your suppliers — same email address, same signature. Says they've updated their bank account. You make the change in QuickBooks and send the next payment. Two weeks later your vendor calls asking where their money is. It went to a hacker overseas. The bank almost never reverses it. That's vendor email compromise. It wipes out small contractors every single day.

$40,000+ average loss per vendor fraud incident
Retail Stores & Restaurants
The Monday morning everything is locked

You come in on a Monday, open your computer, and everything is encrypted. Your customer list, inventory, accounting — all locked with a ransom demand for $8,000 in Bitcoin. You call IT. They say your backup hasn't run in six months. Your register is down. You can't take a single payment. Most businesses in this situation were never specifically targeted. They were just the easiest door on the street.

60% of small businesses hit by ransomware close within 6 months
Medical & Dental Offices
The HIPAA breach letter you never want to send

A patient calls your front desk furious. Their identity was stolen, and your office is the only place with all their information. Now you have a HIPAA breach, a potential lawsuit, and a letter you're legally required to send to every patient you've ever seen. Federal fines start at $100 per record. With 2,000 patients, that's $200,000 minimum, before you speak to an attorney. The cause? One clicked link in one phishing email.

$200,000+ minimum HIPAA fine for a 2,000-patient practice
Real Estate & Financial Professionals
The wire transfer that vanished at closing

A hacker monitors your email silently for weeks. The moment a closing is scheduled, they send your client an email that looks exactly like it came from you — with new wiring instructions. Your client transfers $85,000 to the hacker's account. Gone within hours. The FBI recovers less than 30 cents on the dollar even when they move immediately. Wire fraud is the fastest-growing financial crime targeting real estate professionals.

$2.9 billion lost to wire fraud in the U.S. last year
What's included

A real audit.
Not a checklist.

Most IT guys hand you a generic PDF. I do what enterprise security teams do: find actual vulnerabilities in your specific environment and tell you exactly what to fix first.

01
Email & Phishing Exposure

85% of breaches start with email. I'll check whether your domain can be spoofed to trick your customers or vendors, review your email security configuration, and assess how exposed you are to phishing attacks right now.

02
Password & Account Access

Who has access to what — and should they? I'll review all accounts, find stale or orphaned logins, check for missing multi-factor authentication, and flag the access points an attacker would go to first.

03
Network & Wi-Fi Testing

One unsegmented network means a customer's phone has the same access as your accounting computer. I'll test your router configuration, guest network separation, and firewall settings on-site.

04
Device Security Check

Every computer, tablet, and device connected to your business is a potential entry point. I'll look at all of them: outdated software, missing protection, unencrypted drives, and rank the highest-risk ones.

05
Cloud & Software Accounts

Every cloud app you use — accounting, storage, email, scheduling — is an attack surface. I'll map your full software footprint and check for misconfigured permissions that could expose your business data.

06
Report, Roadmap & Follow-Up

A plain-English written report with every finding, its real risk level, and a prioritized fix list. What to handle this week, what can wait. Includes a 45-min walkthrough call and a 30-day check-in.

Who this is for

You don't have an IT department.
You have a business to run.

Designed for small businesses in Henry County and Metro Atlanta that hold customer data, process payments, or handle anything that would hurt, financially or reputationally, if it fell into the wrong hands.

🏥
Medical & Dental Offices

HIPAA compliance isn't optional. It's federal law. Patient data is among the most valuable on the black market. One breach means six-figure fines and a letter to every patient you've ever treated.

🏡
Real Estate Agents

Wire fraud specifically targets real estate professionals because of the large transaction amounts. Your email inbox may be the single most dangerous thing in your business right now.

⚖️
Law & Accounting Firms

You hold sensitive client data that criminals will pay serious money for. State bars and the IRS take data breaches seriously. You need more than an off-the-shelf antivirus subscription.

🛒
Retail & Restaurants

Point-of-sale systems, customer Wi-Fi, and payment data are all active targets. Most retail breaches are discovered by card networks — not the business owner — months after the fact.

About Zach Kennedy

I do this for a Fortune 500.
Now I do it for you.

I've spent 5+ years as a full-time cybersecurity engineer protecting one of the largest utility companies in the Southeast. I hold the CISSP, the most rigorous certification in cybersecurity, required by the U.S. Department of Defense and held by fewer than 160,000 people worldwide. I live in Locust Grove, I know this community, and I started Kennedy Cyber because small businesses here deserve the same level of protection big companies pay millions for, at a price that actually makes sense.

What I protect you from
📧
Email fraud & phishing
Fake invoices, spoofed vendors, wire transfer scams. Most breaches start in your inbox.
🔒
Ransomware & data loss
Automated attacks that lock your files and demand payment. Most victims never saw it coming.
🔑
Stolen passwords & account takeover
Weak passwords, reused credentials, and missing account protections are open invitations.
📡
Network & Wi-Fi vulnerabilities
An unsecured network can give anyone in your parking lot access to your business systems.
💳
Payment & customer data exposure
Your customers trust you with their information. A breach doesn't just cost money. It costs that trust.
⚖️
Compliance & legal exposure
HIPAA, PCI, and state privacy laws carry real fines. I'll tell you where you stand before a regulator does.
What your audit report looks like
Sample findings: local small business audit
8 issues found
CRIT
No multi-factor authentication on email
~15 min fix
CRIT
Domain spoofable — email records missing
~30 min fix
CRIT
3 devices with no security protection
~1 hr fix
HIGH
Guest Wi-Fi shares network with register
~45 min fix
HIGH
Former employee still has full access
~10 min fix
HIGH
Accounting software backup not set up
~20 min fix
MED
Operating system updates 4 months behind
This week
MED
Router using factory default password
~5 min fix
Most critical fixes take under 2 hours. Many are free.
Get your audit →
Local. Independent. No upsell.

I'm not an MSP trying to lock you into a monthly contract. I'm not a software company trying to sell you a platform. I'm a neighbor with a CISSP who will look at your actual systems, tell you honestly what's broken, and give you a prioritized plan to fix it, whether that costs $50 or $5,000. No fluff. No scare tactics beyond what's real.

Packages & pricing

Flat-rate. No surprises.
No contracts.

You know exactly what you're getting before we start. No hourly billing, no scope creep, no ongoing commitment unless you want one.

Starter Audit
$499
One-time · Fully remote
  • Email security check (spoofing, records, config)
  • Password & account access review
  • Cloud & software permissions audit
  • Dark web credential exposure check
  • Written findings report
  • 30-min walkthrough call
Get Started
Most Popular
Full Audit
$999
One-time · Remote + on-site visit
  • Everything in Starter
  • On-site network & Wi-Fi testing
  • Full device security assessment
  • Phishing exposure analysis
  • Prioritized remediation roadmap
  • 45-min walkthrough call
  • 30-day follow-up check-in
Book Full Audit
Ongoing Retainer
$499
Per month · Cancel anytime
  • Quarterly re-assessment
  • Monthly threat advisory update
  • Employee phishing awareness tips
  • Priority email support
  • Annual full audit included
  • Priority response on security incidents
Learn More
Common questions

Straight
answers.

No jargon, no runaround. If you have a question not listed here, just ask.

How is this different from my current IT company?
Most IT companies are focused on keeping your systems running — fixing computers, setting up printers, managing software. That's their job, and it's different from security. A security audit is specifically about finding the vulnerabilities an attacker would exploit. Think of it like the difference between a mechanic who keeps your car maintained and a safety inspector who checks whether it would protect you in a crash. I'm the safety inspector. I'm not here to replace your IT company — I'm a second set of eyes with a different lens.
Do I need to understand technology to get value from this?
Not at all. The entire report is written in plain English — no acronyms, no jargon. Every finding comes with a real-world explanation of what it means for your business, not a technical description of what it is. If I can't explain it to you in a way you understand, I haven't done my job.
How long does the audit take?
For the Full Audit, expect about 2–3 hours of your time split across a few touchpoints — a short intake call, an on-site visit (usually 1–2 hours), and a walkthrough call when the report is ready. The remote pre-work I handle on my end without needing your time. Most clients have their final report within 5–7 business days of the on-site visit.
After the audit, do I have to fix everything myself?
No. The report tells you what to fix, why it matters, and roughly how long each fix takes. Some things I can walk you through during the 45-min call. Others you can hand to your IT person or fix yourself — many of the most critical issues take under 15 minutes. For anything that requires outside help, I'll tell you exactly what to ask for so you don't get oversold.
Is my business too small for this to matter?
This is the most common misconception, and it's exactly why small businesses get hit. Hackers don't manually target you. Automated tools scan millions of systems looking for easy vulnerabilities. Size doesn't protect you — locked doors do. A 4-person accounting firm with good security is far safer than a 40-person one with bad habits. The smaller your business, the less ability you have to recover from a breach. That's precisely why getting ahead of it matters.
What if the audit finds nothing wrong?
That's a great outcome — and I'll tell you that honestly. You'll get a clean report, peace of mind, and the confidence to tell your clients and customers that your business takes their data seriously. In my experience, most small businesses have at least a few items worth addressing, but the severity varies. You won't be pressured to buy anything additional. The audit is the product.
Get started

The first call is
always free.

15 minutes. No pressure, no obligation. Tell me about your business and I'll tell you honestly what your risk looks like — even if that answer is 'you're in good shape.'

Email Me to Schedule a Call
Email
Phone
770-504-6858
Location
Locust Grove, GA