FAQ

Clear, straight answers about our services and how we work.

General

What does Cyber Craft Solutions do?

Practical cybersecurity and AI consulting for SMBs: assessments, pen tests, cloud reviews, compliance help, and training. Plain English, fix-first outputs.

Who do you work with?

SMBs and select enterprise teams. Local focus in Lancaster, PA (Central PA) and remote across the U.S.—DIB, manufacturing, healthcare, and SaaS/cloud.

How do I know if we need help?
  • Handle payment, health, or other sensitive data
  • Use M365/Google/AWS/Azure
  • Have HIPAA/PCI/CMMC/NIST/CIS obligations
  • No recent review or pen test (>12 months)

Services & assessments

What is a vulnerability assessment?

Find known issues in networks, systems, apps, and cloud. You get a risk-ranked list with clear remediation steps.

How is that different from a pen test?

Assessment finds cracks. Pen test attempts realistic paths through them to show impact and proof.

Do you perform penetration testing?

Yes—authorized, scoped testing with fix-first reporting and evidence for auditors.

Which frameworks do you support?
  • PCI DSS, HIPAA
  • CMMC L2, NIST CSF, CIS Controls
  • PII / privacy best practices

Pricing & working together

How much do services cost?

Scope-based. After a short call, we give a clear range. Free initial consult. Bundles and retainers available.

Do you offer retainer / vCISO?

Yes—ongoing guidance, control upkeep, compliance check-ins, and incident readiness.

Process

What does the engagement look like?
  1. Consult: goals and scope
  2. Assess/Test: evidence, scans, or pen test
  3. Report: prioritized fixes + artifacts
  4. Enable: help landing changes (optional)

Security & confidentiality

Can you guarantee we won’t get hacked?

No one can. We reduce risk with layered, evidence-based controls and habit changes.

Will assessments disrupt operations?

No. Scans and reviews are low-impact. Pen tests are scheduled and coordinated to avoid downtime.

Is our data safe with you?

Yes. NDA by default, need-to-know access, and secure handling of all artifacts.

Getting started

How do I reach you?

Email: [email protected]
Phone/Text: (717) 638-1223

Where are you located?

Lancaster, Pennsylvania. We work locally and remotely across the U.S.

Do you support remote engagements?

Yes. Most work is remote; onsite when needed.
