Our Team

Compliance Cloud Solutions is comprised of a team of experts with deep InfoSec experience across the government and private sectors. Throughout our careers we have managed and led audit and compliance engagements for government and commercial clients in a variety of industries. We have seen how difficult it can be to build and maintain audit results with existing solutions. This result is too much time spent juggling Excel sheets and not enough time to deliver impactful results. Outside of audit and compliance, our team has extensive experience in other strategic services such as penetration testing, adversary simulations, table-top exercises, and security engineering. Our background makes us uniquely qualified to guide your business in navigating and addressing ever changing cybersecurity requirements in both the commercial and Federal sectors.

Zac Davis

Zac Davis is co-founder and Chief Operating Officer (COO) of Compliance Cloud Solutions (CCS). He has deep experience identifying and solving complex information security problems. The focus of his expertise lies in offensive security operations with experience spanning an array of industries and verticals. Zac’s experience allows him to provide a unique perspective on the information security landscape for CCS clients by identifying real-world security risks and their implications. In doing so, Zac architects solutions to remediate these risks while meeting risk management and compliance objectives.

Chief Operating Officer

Todd Bartos

Mr. Bartos is the founder and owner of The Bartos Group LLC, and serves as the company’s Outside General Counsel, responsible for CCS’s core legal function. As a concierge general counsel, Mr. Bartos is responsible for all of the legal needs of growing and mature companies, including management of outside counsel and controlling outside legal spend. Mr. Bartos has built companies from the ground up, providing daily guidance on regulatory and compliance matters, employment law, HR, privacy (including EU and California privacy), data security, data retention and corporate risk matters, and fiduciary advice to executives and board members. He frequently structures and closes commercial transactions and financings, including seed stage and Series A and B rounds using convertible debt, equity and SAFE transaction structures. Mr. Bartos received his JD from the University of Pittsburgh School of Law and his BA in Anthropology from Franklin and Marshall College.

Outside General Counsel

Nick Eubanks

Nick is the CoFounder and a General Partner at Super Limited, a venture studio in Philadelphia. He is currently the Founder and Head of Strategy at From The Future, CoFounder and Partner at Traffic Think Tank, a Partner at In Between The Lines Therapy and Wellness, and an active angel investor. When he isn’t launching new companies he’s spending time with his spouse, dogs, or cars.

Executive Advisor, SEO and Marketing

Chad Jenkins

Chad Jenkins is a veteran, an entrepreneur, and a high-energy enthusiast. Hecurrently runs a security consulting company and a family-owned governmentcontracting business.After graduating from the United States Military Academy at West Point and leadingthe Black Knights as Army’s quarterback, Chad was commissioned as an Infantryofficer in the United States Army. Upon successful completion of Ranger School,Airborne School and Air Assault School, he was deployed with the 10th MountainDivision to Iraq for one year.Following his return to U.S. soil, Jenkins joined the 75th Ranger Regiment, the mostdedicated and lethal fighting force in the U.S. Army. He led the Rangers during threemore deployments to Iraq as a Platoon Leader and Ground Force Commander.Jenkins was deployed a total of four times and was awarded three Bronze StarMedals for hisservice to his country.When he departed the military, Jenkins joined the Federal Bureau of Investigation(FBI). After graduating academic valedictorian from the FBI Academy in Quantico,Virginia, Jenkins wasassigned to the South Florida Joint Terrorism Task Force (JTTF)as a Special Agent. His impact on several high-profile cases led to the successfuldisruption of potential acts of terrorism.Jenkins is one of the subjects featured in the book, ‘All American: Two Young Men,The 2001 Army-Navy Game And The War They Fought In Iraq’ by New York Timesbestselling Author SteveEubanks, which released in the Fall of 2013. Chad recentlyco-hosted an investigative reality series with the Discovery Channel titled ‘TruthBehind the Moon Landing’ and he frequently appears as a commentator on cablenews outlets discussing national security matters. He resides with his family inDublin, Ohio.

Executive Advisor

Rhett Asher

Rhett has over twenty-five years of leadership in retail, operations, sales, business development and trade associations.

Key Experience:

  • Held Vice President positions at National Retail Foundation (NRF), Retail Industry Leaders Association (RILA), Food Marketing Institute (FMI).
  • Co-founded the Loss Prevention Foundation to create a robust industry certification for asset protection professionals.
  • Served on Commercial Facilities Sector Coordinating Council and the Food and Agriculture Sector Coordinating Council for the Department of Homeland Security.
  • Chairman, Board of Directors International Supply Chain Protection Organization (ISCPO).

Executive Advisor, Supply Chain and Retail

Value Proposition

Interpreting the Compliance Controls:

  • Challenge – The assessment questions and control descriptions are technical and can be difficult to interpret
  • Benefit – We use our process and tool to guide you through an intuitive set of questions that map back to the controls.

Answering the Compliance Questions:

  • Challenge – Answering the questions is ambiguous at best and at worst a lack of understanding may result in an inaccurate assessment
  • Benefit – Using our experience as technical control auditors and cyber security experts, we explain the context and rationale behind each control question – and why it’s relevant to you!

Developing Compliance and Remediation Deliverables:

  • Challenge – The required System Security Plan (SSP) and Plan of Actions and Milestones (POAM) deliverables must results-based, thorough, accurate, and actionable.
  • Benefit – We are experienced in simulating Advanced Persistent Threat (APT) attackers, we provide a unique perspective on how to best shore up your defenses.

Identifying Your Score:

  • Challenge – Your assessment score is only as accurate as your answers reflect your security infrastructure.
  • Benefit – Our knowledge and experience set will help you accurately assess your compliance and provide you the best foundation for your SSP and POAM deliverables.

Why Our Assessment Tool is Unique:

Our assessment tool is designed around intuitive questions that are mapped back to the controls, speeding up the assessment process and providing a comprehensive, non-technical understanding of each control and your results.

As security compliance auditors we understand how to make the process understandable, and expedient while allowing for a comprehensive and accurate result. We know what works and what doesn’t…..

As offensive security experts, we can explain your results – and vulnerabilities – from the perspective of an Advanced Persistent Threat (APT) attacker to help prioritize your remediation.

Why Work With Us?

We will provide you explanations where it matters most (e.g. what happens if I’m not compliant? What do I need to do to become compliant? What does my score mean for my security posture?). We guide you through the assessment using our tool and depending on your need help you complete your required System Security Plan (SSP) and remediation Plan of Actions and Milestones (POAM).

What You Will Receive

How can we support you through the process:

The process is daunting, the controls ambiguous and non-intuitive, and the need to get it right is crucial to your business. We guide you through the assessment process explaining the controls and answering questions each step of the way.

Step 1 :

Gather information — we will work with you using our tool and walk you through the full process

Step 2 :

Receive deliverables — includes customized compliance dashboard, and partially completed POAM and SSP

Step 3 :

Engage Us Further — receive tailored support to complete all required deliverables and any other needs

Step 4 :

Submit Results — you are responsible for submitting completed deliverables to the DoD