Blue Oak Cyber
Defending the mission of those who make a difference, strengthening nonprofits with secure foundations.
Safe today.
Strong tomorrow.
Complimentary Services for
Those Who Serve Others
Phishing Resilience Testing
Test your team before the attackers do.
What You Get:
A fully managed, real-world phishing campaign customized for your organization - 15 email addresses or less
Reporting on who clicked, who reported, and who fell for the test
Why It Matters:
Human error is still the #1 cause of data breaches.
A single click could cost your business thousands - or worse, your reputation.
Our phishing simulations teach your team what real attacks look like, without real-world consequences.
Cyber Hygiene Quick Audit
Find potential vulnerabilities early
What You Get:
Light cybersecurity assessment based on industry best practices - 15 workstations or less
Review of basic network, device, and account security settings
Identification of common misconfigurations and missing safeguards
Why It Matters:
Most breaches happen through small, easily preventable issues - weak passwords, missing updates, misconfigured access.
We help you catch them early, when they’re cheap and easy to fix.
Ready to take the first step toward real cybersecurity?
Details:
Phishing Resilience Testing
What’s Included:
1 fully managed phishing simulation campaign
Click/open/fail report
Limit of 15 email addresses
Cyber Hygiene Quick Audit
What’s Included:
Light audit based on CIS Controls best practices
Review of password hygiene, access controls, endpoint security, and patching
Summary recommendation plan
Limit of 15 workstations or less
Ready to help us help you?
Schedule a free consultation. No commitment. Just clarity.
FAQs
How do we qualify for a free assessment?
To qualify for our nonprofit services, your organization must be an active 501(c)(3) public charity, verified by your IRS Determination Letter and the IRS Exempt Organization Search. Organizations that cannot provide proof of 501(c)(3) status or are listed as private foundations are not eligible for these services. Verification is required before any complimentary services are provided.
What if we already have an IT support provider?
That’s great!
We’re not here to replace your IT team — we complement them by focusing specifically on cybersecurity risks that IT support teams sometimes miss (like phishing resilience, user access risks, or policy gaps).
We’re happy to work alongside your existing providers.
Are there any ongoing monthly fees?
No.
Our standard services are one-time engagements.
No “trials” or time limits. Single engagement assessment structure.
Do you work with businesses outside the United States?
At this time, we serve U.S.-based businesses only.
We are unable to engage with companies that:
Operate offshore offices or international branches
Handle personal data subject to international regulations like GDPR, LGPD, or similar
Are governed under GLBA (Gramm-Leach-Bliley Act) financial privacy rules
Our focus is on helping domestic U.S. businesses grow safely and compliantly.
If you're unsure whether you qualify, contact us — we're happy to clarify!
Do your services guarantee that my organization will be completely secure?
While our services are designed to greatly reduce your cybersecurity risks, no service or technology can guarantee 100% security against every possible threat.
Our goal is to help you build stronger defenses, smarter practices, and more resilient systems to greatly lower your risk of incidents
Do you work with healthcare providers or businesses subject to HIPAA?
Currently, Blue Oak Cyber does not offer services specifically designed for HIPAA-regulated environments. If your business handles Protected Health Information (PHI), please contact us to discuss suitability.