Hozho Home


Custom Plans and Table Top Drills

We work with your business to ensure that the right plans are in place and will conduct a table top exercise and fine-tune your plans as necessary. Our cybersecurity plans include:

  • Business Continuity Plan
  • Business Impact Assessment
  • Disaster Recovery Plan
  • Information System Contingency Plan
  • Risk Assessment Plan
  • Risk Management Plan
  • Risk Mitigation Plan


On-demand and live cybersecurity training

Stay current with the latest data security and consumer privacy requirements with training accessible 24/7.

Hozho training is designed with the smallest organizations in retail, e-commerce, real estate, and non-profits in mind.

Satisfy contractual, regulatory and insurability requirements with cybersecurity courses at Hozho Cybersecurity.


Augment your staffing with our services

Having the right cybersecurity program in place is critical to protecting your customer and proprietary data. HOZHO Cybersecurity can implement essential policies, processes, and procedures scaled for small and medium sized businesses.

Hozho also offers:

  • Annual Security Assessments
  • Asset Discovery
  • Vulnerability identification and remediation

Latest Small Business Threats

Retail business with open sign
Incident Response | Payments | Payments | Social Engineering

What are the Data Breach Requirements in Arizona?

Cyberattacks are a significant headache for small business owners, managers, and customers. The costs to recover from an attack vary, but the damage to your brand, customer trust, and business can be felt for many years. For your customers, the exposure of personal information – that you are entrusted to protect as a business owner …

Paper invoice with hand signing
Accounting | Cloud Software | Payments | Payments | Phishing | Social Engineering

QuickBooks User Accounts Spoofed and Used to Deliver Malicious Invoices

QuickBooks, the popular accounting software that many small businesses use for invoices, payments, and bookkeeping is now being leveraged by bad actors to bypass internal security and email systems to deliver malicious artifacts such as invoices to your customers. The attack impacts your customers by: Harvesting your customer’s phone number to set the stage for …