Cybersecurity, compliance, and managed IT in Raleigh, North Carolina. Pick up the phone, send the form, or book a free 15-minute scoping call. A real engineer responds within one business day - no SDR queue, no chatbot deflection.
Most "contact us" experiences route you to a salesperson with a quota and a script. We do not run that playbook. When you reach out, the next pair of eyes on your message is an engineer who has done the work, not a closer. Here is exactly how the first conversation unfolds.
Tell us what is going on - active breach, audit deadline, slow network, vCISO gap, or "I do not know where to start." We do not interrupt with feature pitches. A senior technician reviews your message and flags it to the right specialist on our team within one business day.
Book a no-cost discovery call at a time that works for you. We ask sharp questions about your environment, regulatory exposure, current stack, and constraints. If we are not a fit, we will say so on the call and point you to someone who is.
Within two to three business days you receive a written summary: what we heard, what we recommend, and an honest estimate of what the engagement looks like. You decide if it is worth a second conversation. No high-pressure follow-ups. No "limited slots" theatrics.
If your reason for reaching out is specific, save a step. The service hubs below have deeper context, scope checklists, and tier-specific FAQs - useful before the first call.
Gap assessment, SSP/POA&M authoring, C3PAO preparation, and CMMC Registered Practitioner Org engagement (RPO #1449).
CMMC hub -> HealthcareRisk analysis, technical safeguard implementation, business associate agreements, and breach-response readiness.
HIPAA hub -> Managed ITCo-managed or fully managed IT, 24x7 monitoring, patching, backup, and a US-based helpdesk that picks up the phone.
Managed IT -> Private AIVoice and chat agents, on-prem GPU clusters, retrieval-augmented assistants, and AI workflows that stay inside your perimeter.
AI hub -> Active BreachRansomware containment, business email compromise, insider events, and forensic preservation for litigation or insurance.
Incident response -> ForensicsNC Digital Forensic Examiner license #604180. Chain-of-custody preservation for endpoints, servers, cloud accounts, and email.
Forensics -> CloudMicrosoft 365, Azure, AWS, and hybrid environments. Hardening, conditional access, identity governance, and audit evidence.
Cloud security -> StrategyFractional CISO leadership, board-ready reporting, security program design, and roadmap ownership for organizations under 500 staff.
vCISO ->Use the form below for non-urgent inquiries, proposal requests, scoping questions, partnership outreach, or to schedule the free discovery call. We reply within one business day. If you are dealing with an active breach right now, please call the emergency line at the bottom of this page instead.
What to include: A one-line summary of your situation, your industry (especially if you carry CMMC, HIPAA, PCI, or SOC 2 obligations), your timeline, and the best way to reach you. The more context you can share up front, the more useful our first reply will be. Everything you send is kept confidential.
Ransomware does not wait for office hours. Neither do business email compromise events, data-exfiltration incidents, or vendor-chain breaches. If something is actively burning, route to the emergency line. Everything else can move at normal pace.
Ransomware, suspected breach, exfiltration, account takeover, wire-fraud event, or any situation where the longer you wait the worse it gets. Skip the form. Call us directly and ask for incident response.
Emergency response details ->New service evaluation, audit preparation, vendor consolidation, vCISO engagement, AI rollout, or a general "let us talk" introduction. The form on this page or a phone call during business hours is the right path.
Use the form above ->Our office is in the Centerview Drive corridor near Crossroads and the Raleigh outer loop. We serve clients across North Carolina onsite - Raleigh, Durham, Cary, Wilmington, Charlotte, Greensboro, Winston-Salem, and the broader Research Triangle - and serve the rest of the country remotely.
Every member of the Petronella technical team is CMMC Registered Practitioner certified. Founder Craig Petronella holds CMMC-RP, CCNA, CWNE, the North Carolina Digital Forensic Examiner license #604180, and MIT-Certified credentials in AI and Blockchain. The company is a CMMC-AB Registered Provider Organization #1449, a member of the Private and Public Sector Briefing (PPSB), and has held a BBB A+ rating continuously since 2003.
When you send a message through the form, it is reviewed by a real human on the engineering team - not an offshore SDR, not an AI deflection bot, not a chat queue. If your situation calls for specialized expertise (incident response, forensics, CMMC, AI infrastructure), the appropriate senior team member responds directly. Meet the people on our team page before your first call so you know who you are speaking with.
A few of the most frequent questions we get at the contact stage. If yours is not covered here, send the form - we will answer it directly.
Within one business day for standard inquiries submitted Monday through Friday. Most replies arrive the same day. For active incidents, call (919) 348-4912 directly - we triage emergency calls around the clock and route to incident-response staff immediately.
No. The first conversation is a free 15-minute scoping call. There is no obligation to engage, no pre-call paperwork, no NDA gate. If we are not the right fit, we will tell you on the call and point you to someone who is. We would rather lose a 15-minute meeting than start a bad engagement.
An engineer. Intake routes every inbound to a senior technician who has done the work. Commercial framing comes later if needed - the diagnostic conversation always starts with someone who can read your environment and tell you the truth.
Call (919) 348-4912 and tell us you need incident response. Skip the form. While you wait, isolate affected machines if safe to do so, preserve logs and screenshots, and avoid powering off systems unless directed (this destroys volatile forensic evidence). More on the emergency response page.
Not on this site. Our engagements are scoped to environment size, regulatory framework, node count, and risk profile - none of which we can guess from a contact form. Published price lists tend to mislead either the buyer or the provider. After the discovery call we send a written, itemized estimate so you can see exactly what is included.
Both. We are headquartered in Raleigh and serve clients across North Carolina onsite. We also serve clients nationwide remotely - including federal contractors with CMMC obligations and multi-state healthcare organizations under HIPAA. Geography is rarely a constraint for the work we do.
Yes. If your situation involves sensitive details - active litigation, in-progress M&A, or controlled unclassified information - we are happy to execute a mutual NDA before the call. Just mention it in the form and we will send a draft along with the meeting invite.
Tell us in the form. Tight regulatory deadlines are a regular reason clients reach out. We can run accelerated readiness sprints - gap analysis, control implementation, evidence collection, audit prep - when scope justifies it. Be specific about framework (CMMC, HIPAA, PCI-DSS, SOC 2, NIST 800-171) and deadline.
Submissions are received over TLS, stored on infrastructure we own, and accessible only to authorized Petronella team members. We do not sell, share, or resell contact information to third parties. If you ask us to delete your record after the conversation, we do. Our full privacy policy covers the details.
Use the same form. Note "partnership" in your message. We work with peer MSPs, law firms (insurance and breach counsel), accounting firms, and industry associations on referral and white-label arrangements. More information on the MSP partner program page.
No commitment. No pressure. One business day to a real reply. Pick the channel that suits you and we will take it from there.
"It's safe to say that Craig and his crew are cyber security wizards. No idea how they do it all, but if you need help with anything related to IT or security, go no further than Petronella Technology Group. Many thanks for all of your research and insight! I've personally witnessed the positive effects that cyber security awareness training can have on a business. All businesses should take this precaution and train their staff on what to do in the event of a security breach."
