🛡️ Cybersecurity without the headache

About NonaSec

Straightforward security consulting from people who've been there

Leadership & Experience

Delivering enterprise-grade cybersecurity expertise through hands-on experience and proven results.

Chris DiSalle, CISSP - Founder and Principal Consultant at NonaSec

Founder & Cybersecurity Strategist

With over 17 years in the trenches of cybersecurity—not writing about it, not theorizing about it, but actually doing it—Chris brings experience across military, defense, and commercial environments. From defending critical infrastructure to leading incident response investigations for Fortune 50 companies, he's seen what works and what doesn't.

His career spans building enterprise security programs, managing critical infrastructure for programs worth billions of dollars, and developing insider threat detection systems with automated forensics capabilities. Chris has contributed to threat intelligence investigations in collaboration with intelligence specialists and works extensively with artificial intelligence to enhance digital forensics and incident response capabilities.

His work has been featured in The New York Times for critical cybersecurity investigations, and he has appeared on multiple podcasts discussing emerging security trends and threat intelligence.

As founder of NonaSec, Chris delivers enterprise-grade security expertise through a boutique model — combining technical depth, operational leadership, and strategic insight to help organizations strengthen resilience against evolving threats.

Professional Certifications

Industry-leading certifications ensuring expertise stays current with evolving threats and best practices

Who We Serve Best

We specialize in helping growing companies (50-500 employees) in healthcare, SaaS, and professional services achieve compliance and strengthen their security posture without breaking the bank or overwhelming their teams.

Growing Companies

Companies with 50-500 employees who need enterprise-level security expertise but don't have the budget for Big Four consulting fees.

Compliance-Driven

Organizations facing HIPAA, SOC 2, PCI DSS, or other regulatory requirements who need practical guidance, not just checkbox audits.

Results-Focused

Leadership teams who want actionable security improvements, not 200-page reports that sit on shelves gathering dust.

How We're Different

Unlike firms that hand you a 200-page report and disappear, we provide prioritized 90-day action plans with ongoing support to ensure you actually implement improvements.

Actionable Deliverables

Instead of overwhelming reports, you get clear priorities with specific steps, responsible parties, and realistic timelines. Plus weekly check-ins for the first month.

Same-Day Decisions

Need to adjust scope mid-project? Want to add a new requirement? No committee meetings or change order delays—just a quick conversation and we adapt immediately.

No Junior Staff

Every hour you pay for is delivered by someone with 17+ years of hands-on experience. No recent graduates learning on your time or inflated bills for basic work.

Implementation Support

We don't just identify problems—we help you fix them. From policy templates to vendor selection guidance, we stay engaged until your security program is running smoothly.

Our Approach to Confidentiality

You won't find a client list on our website. That's intentional. The best security is invisible, and our clients prefer it that way. Every engagement starts with a mutual NDA—your security challenges, business strategies, and even the fact that you're improving security all stay confidential.

We protect your information with the same rigor we recommend for your business. Encrypted communications, secure file transfer, and strict access controls aren't just things we preach—they're how we operate every day.

Let's Discuss If We're the Right Fit

Every engagement starts with a conversation. No sales pitch, no pressure—just an honest discussion about your challenges and whether we can help.

What to Expect from Our Consultation:

1. 30-minute discovery call: Understand your current challenges and goals
2. Honest assessment: We'll tell you if we can help (or who can)
3. Detailed proposal: Clear scope, timeline, and fixed pricing
4. Zero pressure decision: Take your time to review and decide

Common questions we address upfront: Budget ranges, typical timelines, team availability requirements, and whether your situation is a good fit for our expertise.
