Risk Management and Compliance


Defy Services

Simplifying compliance complexity

With multiple compliance obligations and operating in a new age of accountability, security leaders understand that compliance must be an integral feature of any security and risk program. We make sure your compliance strategy is seamlessly integrated into your processes, reinforced in your controls and operations, and clearly documented.


Cost-effective strategies

We make sure your architecture reflects best practices and is structured to respond to complex and ever-changing compliance requirements over time.


Clear documentation

We provide complete and clear documentation defining the controls that you need to meet compliance requirements and communicate with stakeholders.


A whole-system approach

Great processes only work when the right controls are in place. We make sure you’re compliant—and more important, secure.

Key Feature

Compliance made certain

We assist organizations maximize their security posture while maintaining compliance requirements. These include, but aren’t limited to GDPR, HIPAA, HITRUST, CCPA, PCI, ISO, SOC2 and FedRamp.

Meet The Team

Josh Johnson headshot

Josh Johnson, VP Architecture and Engineering

With nearly 15 years in cybersecurity, digital forensics, email security and IR, Josh Johnson joined Defy for the freedom to work on behalf of customers to solve their problems. “For me, it’s all about building trust—with vendors, with customers and with our team,” Johnson says. “On top of technical expertise, strong relationships and communication are key to delivering value.”