orange angles graphic
grey angles graphic

Get to know CEO Alan Ropes

VyFi CEO Alan Ropes and host Mark Ritter discuss security, compliance and lots more...

About

Who We Are & What We Do

We are dedicated to protecting you today and into the future.

grey angles graphic
Our Company

A better way to approach cybersecurity starts here.

About Stickley on Security

Since 2007, Stickley on Security has been a trusted partner to financial institutions and organizations nationwide, delivering the cybersecurity education, protection, and strategic guidance they need to stay ahead of evolving threats. What began as a mission to make security awareness meaningful and accessible has grown into a comprehensive suite of services that empower teams, strengthen defenses, and support long-term resilience.

Today, Stickley on Security, operating as a Credit Union Service Organization (CUSO), continues that mission with an expanded portfolio of solutions that help credit unions, banks, fintechs, and organizations of all sizes protect their people, their data, and their communities.

Stickley on Security — protecting organizations since 2007
200+ Credit Unions Protected
$200B+ Total Asset Value Secured
2007 Trusted Since

"Security only works when people understand it."

— Jim Stickley

A Legacy of Education, Protection & Trust

For nearly two decades, Stickley on Security has focused on one core belief: security only works when people understand it. From day one, we set out to create training and awareness programs that employees and customers would actually embrace; practical, engaging, and grounded in real-world threats.

That foundation now powers a broader ecosystem of cybersecurity and compliance services designed to meet the needs of modern organizations, including but not limited to credit unions.

Comprehensive Solutions That Evolve With You

Drawing from the products and services offered through our unified platform, Stickley on Security provides end-to-end support across cybersecurity, compliance, governance, and organizational resilience.

Leveraging decades of leadership experience and technical expertise, we provide a full suite of specialized services designed to meet the rigorous demands of modern regulators (such as the NCUA and FFIEC) and the evolving tactics of cyber adversaries.

Advanced Security & Penetration Testing

We find your weaknesses before the bad actors do. Our expert analysts perform deep-dive evaluations of network and application environments, including:

  • Vulnerability Assessments: External (EVAPT) and Internal (IVAPT) testing.
  • Specialized Audits: Website, Online Banking, and Mobile Application security assessments.
  • Human Element Testing: Sophisticated Social Engineering, including Phishing and Vishing simulations.

Advisory & Assessment Services

We help measure and evaluate the effectiveness of your internal controls. Our advisory services provide validation for organizations of all sizes, ensuring compliance with:

  • Information Security Assessments (ISE): Including SCUEP, Core, and Core+ frameworks.
  • Risk Assessments: Comprehensive threat-based evaluations.
  • Framework Alignment: Microsoft 365, CIS Top 18, and PCI Readiness assessments.

Compliance & Program Management

Navigating the maze of federal and state regulations is a daunting task. We make compliance easy by providing:

  • Full IS Program Maintenance: Development of robust policies and procedures.
  • Incident Response: Policy development and procedural testing.
  • Regulatory Alignment: Expertise in NCUA, FFIEC, NIST, and GLBA standards.

Business Continuity & Organizational Resiliency

We ensure your organization remains resilient in the face of disruption. Our team assists in determining recovery requirements and maximizing resiliency through:

  • BCP/BCM Program Reviews
  • Incident Response Tabletop Exercises
  • Testing and Strategy Documentation

Cybersecurity Education & Awareness

We believe that an informed user is the best first line of defense. Our education solutions are designed to automate awareness and foster a security-conscious culture:

SoS Advisor

To help financial institutions build trust and authority, we provide this customer-facing solution that integrates directly into your website. It offers a library of over 2,000 videos and articles, delivering practical, easy-to-understand guidance to keep your members and customers informed about the latest fraud and identity theft threats.

Powered Cybersecurity Training

A fully automated program that handles quarterly training campaigns and monthly phishing simulations, removing the administrative burden from your internal team.

Employee EDU

Engaging, regularly updated courseware designed to drive meaningful behavior change and long-term retention among staff.

Supporting More Than Just Credit Unions

While our heritage is deeply embedded in the credit union movement, protecting over $200 Billion in total asset value for more than 200 credit unions, Stickley on Security has expanded its reach. Today, we bring the same level of rigorous, "audit-ready" security standards to financial institutions and organizations across various sectors.

Whether you are a small community organization or a large-scale enterprise, our goal remains the same: to provide the clarity, security, and peace of mind you need to focus on what you do best.

People Helping People Stay Secure

From cybersecurity training to advanced assessments and compliance support, Stickley on Security remains committed to one purpose: empowering organizations to protect what matters most.

Since 2007, we've helped hundreds of teams strengthen their defenses, build resilient cultures, and navigate an increasingly complex threat landscape. And we're just getting started.

Ready to protect your institution? Let's start the conversation.

Our Core Value

Regulatory Expertise

Stickley on Security specializes in solutions and services that enable your organization to meet the cyber and information security requirements of regulations impacting your industry.

NCUA
National Credit Union Association

FFIEC
Federal Financial Institutions Examination Council

NIST CYBERSECURITY FRAMEWORK
National Institute of Standards and Technology

FISMA
Federal Information Security Management Act

GLBA
Gramm-Leach-Bliley Act

PCI DSS
Payment Card Industry Data Security Standard