Summary of Services

Provides vCISO and other advisory services to companies that are struggling to fill leadership gaps in their security organization or desire to implement modern security strategies. The following are typical services that David can provide clients on an hourly or retainer basis:

• Virtual/fractional security leadership (vCISO, program/project management, architecture)
• Current state assessments and validation of regulatory compliance against common frameworks
• Analysis of security capabilities to support due diligence for mergers & acquisitions
• Planning & architecture support for upgrades/acquisition of security technologies (on-prem or Cloud) or MSSP services

Monday, March 21, 2022

Partnering with 6Clicks

When I decided to provide vCISO and Cybersecurity Advisory services last year I felt that I needed to use a technology platform to help me manage a client’s security program.  Using spreadsheets and email to manage assessments, initiatives, assets, strategies, risks/incidents and work activities won’t make it easy to juggle the demands of multiple clients.  I have some great spreadsheets but doing it this way isn’t sustainable.
After looking at the tools available and their business models for working with companies that provide advisory services like mine I decided to partner with 6clicks.  They have a great platform that is highly customizable and can integrate with data sources using Zapier to help build reports and dashboards without manual downloads.
I’m in the process of converting my models into 6clicks and building out a complete operating model that I can deploy to my vCISO clients or for other CISO’s that are ready to move past “stone knives and bearskins”.
Reach out when you’re ready to learn more.  Here is my listing on the partner directory:

Friday, January 21, 2022


I'll be speaking as part of a panel at the AITP meeting in February.  This is open to both members and non-members.  

Register here:

  • Wed, February 16, 2022
  • 5:30 PM - 7:00 PM
  • Virtual Zoom Meeting

Topic:  The rise of the vCISO – Determining if fractional information security leadership is the right fit for your organization

In the past 5 years the Information Security industry has experienced a rise in the number of firms and individuals offering fractional leadership and governance offerings, especially to medium and small-sized client organizations who may not have the resources (team size, funding, etc.) to build out and mature a robust program. These virtual (v) a.k.a. vCISOs are representing a growing presence in the information security ecosphere.


Ninety minute program. Moderator and panel will introduce themselves (15m). Moderator will summarize panel talks for the audience and have two to three planned questions to start the panel discussion (60m). Questions and answer session (15m).


Panel will largely address the difference between an in-house CISO and vCISO and pros/cons of each, with an emphasis on the unique advantages of the vCISO model. The moderator and panel will also address general security topics and their approach to solving them.

  • What is a fractional or vCISO?
  • Why do we need a CISO?
  • How do we create value?
  • What are the challenges for a vCISO?
  • and more.

Saturday, January 1, 2022

Contact Info & Bio

David Tyree, CISSP, CCSP
Managing Advisor

Youngtree Advisors LLC
Greater Chicago/Milwaukee Area
Book a meeting at:


David Tyree, CISSP, CCSP has worn many hats during his 20+ years in IT with a focus on information security and risk management.  He has performed technical leadership & architecture roles inside large enterprise security teams, as well as delivering solutions and supporting technical sales for leading integrators and MSSP’s.  He provides vCISO and other advisory services to companies that are struggling to fill leadership gaps in their security organization or desire to implement modern security strategies.

He can deliver engagements onsite in the Chicago/Madison/Milwaukee area but expects most engagements will be remote.  David’s network includes leaders from peer consulting organizations and market-leading security vendors that can be “weaponized” to solve the most difficult security problems facing organizations today.