Lionfish Cyber Security
Empower. Lead. Defend.
Lionfish + Box.com Partnership Portal
The industry's first integrated GRC platform combining automated compliance management, embedded workforce training, and FedRAMP High authorized evidence storage
📋 Executive Summary
Partnership Vision
Lionfish Cyber Security seeks a strategic technology partnership with Box to create the industry's first integrated GRC (Governance, Risk, and Compliance) platform that combines automated compliance management, embedded workforce training, and FedRAMP High authorized evidence storage. This partnership bridges the critical gap between compliance documentation and secure, federal-grade evidence retention.
Key Integration Components
Automated Workspace Provisioning
Seamless creation of Box folders matching GRC control frameworks via API
FedRAMP High Storage
Utilizing Box's highest security tier for storing sensitive CMMC and HIPAA evidence
Embedded Training & Compliance
Lionfish's unique Learning Management System (LMS) integrated directly with evidence collection workflows
Real-Time Artifact Tracking
Live dashboarding of compliance completeness based on Box file uploads
Strategic Value Proposition
For Box, this partnership unlocks direct access to the high-growth SMB cybersecurity market ($109B by 2026), specifically targeting 300,000+ defense contractors facing immediate CMMC mandates and 100,000+ healthcare organizations requiring HIPAA compliance. It positions Box not just as storage, but as the essential backend for regulatory compliance.
📊 Partnership Status Dashboard
Timeline Milestones Checklist
🛡️ Lionfish Cybersecurity Capabilities
Company Overview
Lionfish Cyber Security is a mission-driven, Service-Disabled Veteran-Owned Small Business (SDVOSB) founded in 2018 and based in Indianapolis, IN. Utilizing the Green Beret "By, With, and Through" methodology, Lionfish empowers organizations to build cyber resilience from within. The company differentiates itself through its patent-pending technology (#17941843) and unique EnABLE Methodology, which combines performance support with embedded training to ensure workforce competency alongside technical compliance.
Certifications & Compliance
Current Certifications
- ✓CMMC Level 1 v2.0 Certified
- 🔄SOC 2 Type II (In Progress)
- ✓CMMC ATP (Authorized Training Partner)
- ✓State Accredited Tech School
- ✓SAM.gov Registered
Business Identifiers
Compliance Framework Available Under Lionfish Differentiators
Client Success Stories
"Lionfish CMMC Training was a perfect fit for my busy schedule. The self-paced study option gave me the flexibility I needed, and the instructor, Chris Haigh, was amazing—bringing in real-world, practical experience."
"Lionfish's CMMC instruction is first-class. Thanks to their training, I recently earned my Certified CMMC Assessor credential. Jeremy Miller and Chris Haigh made the learning experience both engaging and effective."
"Jeremy and the Lionfish team are elevating cybersecurity preparedness across industries. Their GRC platform is a must-have for MSPs, MSSPs, and compliance teams."
"Hands down the best compliance platform out there. I love all the features."
🔗 Integration Demonstration
Technical Specifications
API Architecture
- • Box Platform API v2.0
- • RESTful API endpoints
- • Webhook event subscriptions
Authentication
- • OAuth 2.0 + JWT tokens
- • Per-client workspace provisioning
- • Automatic folder hierarchy
Security
- • TLS 1.3 in transit
- • AES 256-bit at rest
- • RBAC & audit logging
Data Flow
Lionfish Platform → Box API → Per-Client Workspace
- 1. Evidence uploads: Lionfish UI → Box Storage (FedRAMP High)
- 2. Metadata tagging: Control family → Folder structure
- 3. Real-time sync: Box webhooks → Lionfish dashboard updates
Use Case Scenarios
Scenario 1: Defense Contractor CMMC Compliance
Challenge
250 employees, needs CMMC Level 2 certification by Q2 2026
Implementation
- • Auto-provision Box workspace
- • 14 domains, 110 practices folder structure
- • Embedded training in workflow
- • Real-time dashboard: "87 of 110 artifacts (79%)"
Box Benefits
- • 250-user account @ $15/user/month
- • $45,000 annual recurring revenue
- • <2% churn (compliance is mandatory)
- • Upsell: Box Sign, Governance
Scenario 2: Healthcare Provider HIPAA Compliance
Challenge
500 employees, maintain HIPAA compliance for PHI
Solution Benefits
- • Centralized HIPAA documentation
- • Embedded training modules
- • Audit-ready evidence on demand
- • BAAs tracked automatically
Box Benefits
- • 500-user account
- • $90,000 annual recurring revenue
- • Healthcare sector expansion
- • Long-term customer retention
Scenario 3: MSP Partner Revenue Growth Model
Challenge
50 SMB clients need compliance services
MSP Benefits
- • New revenue: $600K annually
- • Differentiation from commodity IT
- • Scalable compliance offering
- • Client retention boost
Box Benefits
- • 1,250 total users (50 clients × 25 avg)
- • $225,000 annual recurring revenue
- • MSP channel expansion
- • High-volume, stable customer base
💰 Business Value Proposition
Revenue Model for Box
Box Business tier pricing: $15/user/month (billed annually)
| Scenario | Details | Monthly Revenue | Annual Revenue |
|---|---|---|---|
| Year 1 (100 Clients) | Avg. 8 users/client @ $15/user | $12,000 | $144,000 |
| Year 2 (300 Clients) | Avg. 8 users/client @ $15/user | $36,000 | $432,000 |
| Year 3 (500 Clients) | Avg. 8 users/client @ $15/user | $60,000 | $720,000 |
Market Opportunity Analysis
Lionfish Serviceable Market: $16.6 Billion
- • 300,000+ defense contractors (CMMC mandatory 2026)
- • 100,000+ healthcare organizations (HIPAA)
- • 90,000 local governments
- • 43% of cyberattacks target SMBs
- • 450,000+ unfilled cybersecurity jobs in USA
- • 57% of SMBs cite cybersecurity as #1 priority
Why Lionfish is Unique
Competitors (Vanta, Drata, Secureframe)
Focus: Automation of compliance workflows
Strength: Evidence collection efficiency
Weakness: No training/education component
Result: "Compliance theater" - rules followed, people don't understand WHY
Lionfish Differentiators
The opposite of "compliance theater" (rules followed, people don't understand WHY):
- ✓ Control Awareness Training (UNIQUE) - Employees understand the "why" behind security controls
- ✓ Learning Management System (UNIQUE) - Embedded training in compliance workflows
- ✓ Workforce Development (UNIQUE) - Building cyber-capable teams, not just checking boxes
- ✓ Performance Support - Real-time guidance when performing security tasks
- ✓ Cultural Transformation - From compliance burden to security competency
With Box: FedRAMP High storage + GRC + Training = ONLY solution of its kind
📞 Partnership Contact Hub
Ready to discuss this $1.5M-$1.7M partnership opportunity?