πŸ‡ΊπŸ‡ΈMiamiπŸ‡ΊπŸ‡ΈOrlandoπŸ‡ΊπŸ‡ΈLos AngelesπŸ‡¨πŸ‡¦VancouverπŸ‡¨πŸ‡¦Toronto
1-855-KOO-TECH
KootechnikelKootechnikel
Search⌘KFree Health Check
Insights Β· Field notes from the SOC
Plain-language briefings from the people watching the alerts.
Weekly Β· No spam
Read4
Field GuideNewEngineer-written playbooks.β†’Blog & Field NotesWeekly threat briefings.β†’WhitepapersDeep dives on Secure AI, Zero Trust.β†’Case StudiesReal clients, real numbers.β†’
Watch & listen3
WebinarsMonthly Β· live Q&A with the team.β†’PodcastNew"Stronger.Smarter" Β· biweekly.β†’Quick Clips90-second how-tos on YouTube.β†’
Use3
Free Vulnerability Scan30-sec domain + email check.β†’Compliance ChecklistsSOC 2, HIPAA, PCI printable.β†’ROI CalculatorEstimate cost-of-incident savings.β†’
New series
Field Guide
Engineer-written playbooks for the problems 30-100 person companies actually hit.
MFA rollouts, SOC 2 timelines, M365 backup, HIPAA/PHIPA, CIS Controls, AI governance β€” specific, narrow, practical.
Open the Field Guide
Subscribe to weekly β†’All resources β†’
NO SPAM Β· UNSUBSCRIBE IN ONE CLICK
Anonymized sample.Numbers are illustrative; client name + sector composite. The structure, cadence, and depth match what real Kootechnikel vCIO clients receive each quarter.
Quarterly Strategy Review

Q2 2026 vCIO Report

Composite mid-market client Β· Mid-market manufacturing Β· Greater Toronto Area, plus US plant

Employees
220
Sites
3
Relationship
14 months
Owner
Senior Engineer Β· CISSP
01 Β· Executive summary

Headline + asks

Overall: Watch

On-track on every metric we publish, with one strategic risk that needs leadership decision this quarter.

Biggest win this quarter

Annual ransomware tabletop drill ran clean against the new playbook. SOC 2 Type II audit passed with zero findings.

Biggest risk on the table

Legacy ERP system reaches end-of-life Q4 2026. Vendor stops issuing security patches. Migration scoping needs board approval this quarter.

Decisions we’re asking for
  • Approve Q3 hardware refresh budget
  • Decide ERP migration kickoff date β€” July recommended
  • Decide Copilot rollout scope (50-seat pilot vs 220 enterprise)
02 Β· Risk register

Open + recently closed risks

IDAreaSeverityStatusETANote
R-2026-04Legacy ERP systemopenQ4 2026Vendor patch cycle ends Sept 2026. Migration plan drafted; needs board approval.
R-2026-05Plant 2 Wi-Fi infrastructureWatchin-progress2026-06-15Replacing aging APs; OT segmentation review in progress.
R-2026-06Privileged access managementWatchin-progress2026-05-30JIT elevation rolling out to remaining 3 admin accounts.
R-2026-07Backup verification cycleOn trackclosedClosed Q1Weekly restore tests automated. Q1 spot-check passed clean.
03 Β· SLA performance

Actual vs target + 12-week trend

  • P1 incident response < 1hr
    12-week trend
    100% actual100% targetβœ“
  • Tickets touched within 15 min
    12-week trend
    94.2% actual95% target
  • Monitored infrastructure uptime
    12-week trend
    99.97% actual99.9% targetβœ“
  • Same-day callback acknowledgement
    12-week trend
    100% actual100% targetβœ“
  • On-site arrival GTA < 2hr
    12-week trend
    98% actual95% targetβœ“
04 Β· Project pipeline

Quarterly horizon β€” start, completion, impact

Q2 2026Q3 2026Q4 2026
  • M365 β†’ E5 license consolidation
    in-flight Β· 75%
  • Plant 3 firewall replacement
    in-flight Β· 40%
  • Copilot pilot β€” engineering team (12 seats)
    kickoff Β· 5%
  • ERP migration scoping
    discovery Β· 15%
  • Annual DR drill
    scheduled Β· 0%

  • M365 β†’ E5 license consolidation

    Q2 2026

    Consolidates Defender + Purview + Power BI under one SKU. Per-seat saving estimated at low-double-digit %.

  • Plant 3 firewall replacement

    Q2 2026

    Replacing EOL Fortinet appliance; new zero-trust segmentation policy + reduced PCI scope.

  • Copilot pilot β€” engineering team (12 seats)

    Q3 2026

    Validates ROI + governance model before broader-rollout decision.

  • ERP migration scoping

    Q3 2026

    High urgency β€” current platform EOL Q4. Discovery determines fixed-fee vs T&M scope.

  • Annual DR drill

    Q4 2026

    Full failover from primary site to AWS DR region. Last drill (Q4 2025) passed; RTO 3.4hr against 4hr target.

05 Β· Investment recommendations

Where to spend next

  • ERP migration kickoff (URGENT)

    Must do
    Cost band $$$Return horizon: 12-18 months

    Current ERP loses vendor support Q4 2026. Unpatched CVEs after that date materially raise insurance premiums and breach exposure. Migration cost is non-discretionary.

  • Copilot expansion to all 220 seats

    Should do
    Cost band $$Return horizon: 6 months

    Pilot data lands Q3. Engineering team productivity expected to lead the case. License consolidation in current E5 plan reduces marginal cost.

  • Plant Wi-Fi refresh + OT segmentation

    Should do
    Cost band $$Return horizon: Immediate

    OT/IT segmentation enables PCI scope reduction at retail-facing sites. Reduces cardholder data environment by an estimated 60%.

  • Optional: Defender for Cloud Apps for SaaS sprawl visibility

    Optional
    Cost band $Return horizon: 3 months

    Discovery audit found 47 unauthorized SaaS apps in use. Visibility is the precondition to governance.

06 Β· Compliance posture

Where we stand on each framework

  • SOC 2 Type II

    Audit passed

    Q1 audit completed with zero findings. Continuous evidence collection via Vanta running. Next audit window: Q1 2027.

  • CIS Controls v8 (IG2)

    Aligned

    IG2 baseline maintained; IG3 controls mapped, not yet enforced (decision deferred to next vCIO cycle).

  • ISO 27001

    Aligned

    Internal ISMS in place; client deferred external audit to 2027 to coincide with ERP migration completion.

  • PCI-DSS 4.0

    Attention

    Plant 3 firewall refresh closes the last remaining gap. Compliant once project completes (Q3 2026).

07 Β· Stack snapshot

What's under management

  • 247endpoints
  • 235identities
  • 3sites
  • 2cloud tenants
  • 365dbackup retention

EDR coverage: 100% of corp endpoints + compensating monitoring on OT

08 Β· Cost governance

Composition + spend trend + optimization finds

Microsoft 365 + Azure: 42%AWS workloads: 18%Endpoint security stack: 16%Backup + DR: 12%VoIP + comms: 7%Other tooling: 5%100%ALLOCATED
  • Microsoft 365 + Azure42%
  • AWS workloads18%
  • Endpoint security stack16%
  • Backup + DR12%
  • VoIP + comms7%
  • Other tooling5%
-7% vs Q1Quarterly cloud spend
Optimization finds this quarter
  • 4 dormant Azure VMs in eastus2 β€” recommended decommission
  • 23 unused E3 licenses identified β€” recommend reclaim or downgrade to E1
  • AWS S3 lifecycle policies missing on 2 buckets β€” cold tier saves low-4-figures/yr
  • Power BI Premium capacity rightsized β€” confirmed pre-implementation
09 Β· The ask

Decisions for leadership this quarter

  1. 01Approve ERP migration discovery budget (cost band $$$) β€” kickoff July
  2. 02Decide Copilot rollout scope: 50-seat pilot vs 220-seat enterprise
  3. 03Confirm Q4 DR drill date β€” recommend October (before holiday freeze)
  4. 04Sign-off on PCI-DSS attestation post Plant 3 firewall completion

This is what every Kootechnikel vCIO client gets, every quarter.

No PowerPoint theatre. No invoice padding. Just an honest scored review with the decisions you actually need to make. Want one for your environment?

Book a free IT health check β€” first vCIO read for free