Updated:
SideChannel
SideChannel deploys fractional CISOs to mid-market companies through a publicly traded micro-cap cybersecurity services structure.
SideChannel
SideChannel is structured as a publicly traded cybersecurity services firm, tickered SDCH on the OTCQB market, with a focus on delivering virtual Chief Information Security Officer (vCISO) engagements. The company positions seasoned security practitioners as part-time executive advisors to organizations—typically mid-market enterprises—that face increasing regulatory and threat pressures but lack the scale to recruit a full-time CISO. This fractional approach transfers the cost and personnel burden of security leadership into an outsourced subscription model. Strategy execution centers on human-led advisory work rather than software licensing. The firm's vCISOs embed within client organizations to build security programs, manage compliance frameworks such as SOC 2 or ISO 27001, and guide incident response planning. Its revenue engine is relationship-driven, renewing on multi-month contracts that generate recurring service income. The small-cap structure contrasts sharply with product-centric cybersecurity firms; SideChannel sells executive time, not proprietary platforms, positioning itself as a layer between the client's IT department and the broader vendor ecosystem. Recent operational moves have focused on broadening the executive bench and rationalizing corporate overhead. The company runs lean, with a distributed workforce and no disclosed institutional investment vehicles, foundations, or real-asset arms. Its geographic focus is North America, serving remote-first clients across the United States. The public listing, while providing a capital markets vehicle, results in public disclosures that most family-office or closely held consulting peers avoid. SideChannel's structural differentiator is the mismatch between its corporate form and its core business. It operates as a micro-cap public company selling a people-based advisory service, making it an outlier relative to both its gig-economy peers and funded SaaS security startups. That public-listing transparency, combined with a narrow focus on vCISO hours, creates a governance profile that family offices evaluating outsourced cybersecurity leadership would recognize as unusual and highly reportable.
General information
Firm type
other
Year founded
—
AUM
Undisclosed
Location
Region
North America
Country
United States
City
—
Corporate office
—
Sector focus
Frequently asked questions
What is a fractional or virtual CISO delivery model?
A fractional or virtual CISO model provides an organization with a part-time senior security executive who operates as an embedded leader rather than a project consultant. SideChannel assigns a named CISO to each client on a recurring, subscription basis, typically structured as multi-month or ongoing advisory engagements. The vCISO is responsible for developing a multi-year security roadmap, managing compliance efforts, and advising the board or CEO on risk posture — tasks identical to a full-time role but allocated across a managed portfolio of client companies.
How does SideChannel's public-listing status affect its client engagements?
SideChannel trades on the OTCQB market as SDCH, which imposes SEC reporting obligations uncommon among boutique cybersecurity consultancies. This means its financial statements, executive compensation policy, and material contracts become part of the public record. For a family office or a fund evaluating an outsourced CISO relationship, that transparency can simplify supplier due diligence, but it also means SideChannel's operational decisions — such as cost-cutting or capital raises — are visible to competitors and clients simultaneously.
Who is SideChannel's typical client?
SideChannel primarily targets mid-market firms — typically those with 200 to 2,000 employees — that hold sensitive data, face compliance mandates such as SOC 2 or HIPAA, or need cybersecurity representation at the board level without the budget for a full-time CISO. Its model also attracts venture-backed portfolio companies that GPs or family offices need to harden ahead of an exit or regulatory audit.
Does SideChannel sell software products or managed security tools?
No. SideChannel does not develop or resell proprietary software as its primary offering. The company sells executive time and strategic security program management. While vCISOs may recommend technology products during an engagement, SideChannel's income comes from advisory fees — not software licensing margins or hardware resale — which keeps it structurally distinct from managed security service providers and SaaS vendors.
What governance or regulatory standard experience can SideChannel bring to an engagement?
SideChannel vCISOs typically have experience with widely adopted compliance frameworks including SOC 2, ISO 27001, HIPAA, and GDPR readiness programs. Because engagements are client-specific, the standard applied depends on the contract and the assigned CISO's background, which can be matched to an allocator's specific portfolio-company requirement during onboarding.
Profile maintained by Altss using OSINT (open-source intelligence), regulatory filings, licensed data partners, and verified direct submissions. Read the methodology. Last updated: . Continuous refresh with full update cycles at least every 30 days.
Need institutional-grade insight on family offices?
Altss delivers:
Prefer a guided tour?
We’ll walk you through: