Our Story


Risk ManagementSM

Hear Our Story

About Us

Risk and Compliance

With deep expertise in healthcare cybersecurity risk management, the BALLAST team collaborated with one of the largest owners of acute care hospitals in the U.S. to automate its security risk assessment program. Launched in June of 2017, BALLAST is the go-to tool for over 300 organizations, across multiple industries, for managing risk and compliance.

Developed by a team of risk and security professionals, we have performed hundreds of risk and compliance assessments over the years. We know how difficult and time consuming it can be to manage the process with traditional tools. Spreadsheets and PDFs are insecure and inflexible, while GRC solutions are too complex, with long implementation timelines. So, we took it upon ourselves to reimagine risk assessment and, along the way, have designed a tool that can be rapidly deployed and is simple to use, flexible and scaleable. Try us on for size, and we think that you’ll agree.

BALLAST is proud to be a part of LBMC Information Security and the LMBC family of companies based in Nashville, Tennessee.

BALLAST was founded in 2017 with one goal - to simplify the risk assessment process.

Mark FulfordCo-Founder, BALLAST

Full Spectrum of Services

Working with BALLAST connects you with our team of information security specialists. Have a need beyond risk assessment? If so, we provide the following services and much more.

IT Assurance


Penetration Testing

Internal, External, Wireless, Social Engineering/Phishing, Physical, Purple Teaming

Web App Assessments

Web and Mobile Application Security Assessments, OWASP, Authenticated and Unauthenticated

Security Program Design

Outsourced CISO Services, Best Practice Consulting, Risk Analysis, Program Metrics Development

Incident Response

Retained and Unretained Response Services. Incident Response Plan Development, Training and Exercises

Digital Forensics

Forensic Investigations, Litigation Support, Data Acquisition and Analysis, Certified Forensic Analysts

Risk Assessment

We Understand the Risk. That’s Why There’s BALLAST.

Knowing your risk is critical. Developed by a team of security professionals, BALLAST is a cloud-based risk assessment tool based on NIST methodologies that streamlines the assessment process, provides on-demand compliance reporting and remediation tracking.

Learn More

Get To Know Us

Working together we can create a risk assessment plan that meets your unique needs. Contact us today to schedule a free consultation.

Better Visibility. Don’t play guessing games. Get visibility into organizational risks at the click of a button.
Expertise Within Reach. We have led hundreds of risk assessments and worked directly with regulators – let us help you navigate the complexity.
Rapid Deployment. No costly infrastructure or integrations. We’ll get you up in running quickly (weeks, not months).

Questions? Call us at 1-833-GO-BALLAST (1-833-462-2552).

    Sign-up to receive risk management best practices, tips and product updates. Opt-out anytime.

    Let's Get Connected

    Sign-up to receive risk management best practices, tips and product updates from BALLAST. Get the latest news by following us on social media.