top of page


Manage Information Security Holistically

A robust information security program provides the foundation for your organization. With Blacksmith, you can get a fully developed cybersecurity program in minutes. Craft custom security policies. Provide security awareness training to your staff. Track your user's policy acknowledgement and training completion. Get a prioritized security roadmap, unique to your organization. Track and manage your business' risk. One tool, one low price. 


Every small business in America needs this software.

— David Beylin

Executive Director, LONGMILE Veterinary Imaging

  • LinkedIn

Want to learn more?  Watch this 2-minute demo

Why choose us for your security program?

Our team of cybersecurity experts has decades of experience building security programs at companies of all sizes. We know how to craft a security program correctly from day one so that it scales with your business. We have been through dozens of security audits for SOC2, ISO-27001, NIST 800-171, CMMC, and others and we have run security teams for NIST CSF and HIPAA compliant companies. This experience led us to develop a comprehensive tool to simplify the process, specifically built and priced for small businesses that aren't sure how to get started and can't afford consultants and expensive tools. 

What is an information security program, you might ask. It's how your organization documents and communicates your plan for defending your organization's data and information. It consists of information security policies and procedures, security awareness training and risk awareness for your users, and a risk management program.  Without one, your business may not be eligible for cyber liability insurance or may have to pay exorbitant rates for cyber insurance premiums, so its definitely in your best interest to start investing in cybersecurity today.

The customizable information security policies produced by Blacksmith InfoSec are designed to be completed quickly - most customers can publish a full suite of necessary security policies in under an hour - and are specifically written to satisfy the controls for the compliance frameworks you've selected. Best of all, as your compliance needs change, you can quickly add those frameworks to your security policies to make sure your business evolves naturally over time. Our templates are written with security professionals and auditors in mind, meaning you'll be able to pass a security audit with your generated policies without trouble. However, we also appreciate that not everyone speaks security, so we've added explainer text to policies to make sure you understand the what, why, and how of the policies. And each of our templates includes only a few variables to change with rational defaults pre-selected to ensure your policies are compliant with the security frameworks you need with security controls that will pass even the strictest audits.


Our security policies form the backbone of your security program and allow us to automatically generate a security roadmap that is customized and prioritized for your organization. After all, having security policies in place is just the first step; implementing those security controls is the journey. We appreciate that you're operating your business on a limited budget, so we provide the tools you need to take a DIY approach towards compliance. If you ever need help implementing one of the controls, just reach out. Our support team can't do the work for you, but we can help you understand what's needed and how to accomplish it.

Blacksmith InfoSec provides security awareness training for your users as part of our SaaS application. By default, all users will take a standard security awareness training that covers topics like phishing, safe browsing habits, and general online safety. For users who require it, we also offer HIPAA and Controlled Unclassified Information (CUI) training. Which training is available to your users is based on which security frameworks you want to be compliant with.

Part of creating a compliant, robust security culture is ensuring that your users know about your policies. Blacksmith tracks when users view and acknowledge your security policies and security awareness training to ensure your organization gets compliant and stays compliant. This allows your administrators to get a quick view of the state of your organization and know where to focus their energy most effectively in securing your business.

Often overlooked in security compliance is your Risk Management Program. This is an essential aspect of all security compliance frameworks, and is the most common gap we find when evaluating security programs. Fortunately, risk management is baked into Blacksmith InfoSec so you can easily track your organization's risks and maintain a holistic view. By tracking risks, you can start to make risk-informed decisions for your business. 

Best of all, these tools come packaged in a single, intuitive SaaS platform so you can take ownership of your security program at a price that any company can afford. If you need help, our team of security experts is standing by with advice and/or referrals into our partner network. So what are you waiting for? Get started with Blacksmith today!

bottom of page