Coaching services that turn complex information risks, data governance, and regulatory demands into clear, strategic action!

ElMaeXtro was founded to help small business leaders understand the importance of protecting their information and to equip them with the tools and knowledge they need to do so effectively. We are an educational platform that delivers accessible, executive-friendly resources designed to build confidence in managing cybersecurity and information risk.

Why ElMaeXtro Exists

Bridging the Cyber Knowledge Gap for Small Business Executives
Small businesses make up the backbone of our economy—but many executives are not equipped with the knowledge necessary to make informed cybersecurity decisions. They often face:
• Competing priorities
• Mixed messages
• Conflicting advice
This leads to confusion, inaction, and vulnerabilities. ElMaeXtro exists to cut through the noise and provide clarity.

Our Approach
Business-First. Research-Backed. Easy to Understand.
We start by understanding your business needs and challenges. Then we deliver practical, research-backed knowledge that you can apply right away. With over:
8 years of experience teaching at the university level
10+ years in the cybersecurity field
We specialize in translating technical jargon into plain business language—making complex cybersecurity concepts clear and actionable.



Click Here

David A. Cruz

Email

davidcruzurena@gmail.com

Phone

(407) 476-7959

Time Zone

Eastern Standard

Education

Masters in Information Assurance

2011

Capella University

Doctoral In Information Assurance

In Progress

Capella University

Bachelor In Information Systems ​

2008

ITT Technical Institute

CISSP

2011

ISC2

GSEC

2015

SANS

CCP

2025

Cyber AB

Experience

Vice President of Information Risk (Contract)

January 2019 – 2022

Formulated business strategies to ensure contingency planning and readiness. Provided strategic leadership to develop actionable and scalable information security programs. Established strategies to safeguard information from unauthorized modification and disclosure. Designed and implemented enterprise-wide business continuity and incident response plans. Developed and executed simulated executive exercises to ensure preparedness. Provided strategic leadership and direction to clients implementing risk management policies.

Information Security Officer

September 2014 – 2015

Held the designation of Board-appointed Information Security Officer, developing a risk-driven information security program aligned with business objectives. Promoted corporate security awareness activities and implemented security awareness concepts. Deployed various technologies and strategies to enhance the information security awareness program. Conducted assessments, led briefings for senior leadership, and presented clear, actionable insights. Managed the information security budget, achieving a 20% reduction in expenses. Created and presented monthly information security status reports to management with clear metrics. Managed third-party vendor relationships to implement advanced security controls.

Information Assurance Analyst

September 2010 – 2014

Led security initiatives, conducting vulnerability assessments and developing mitigation strategies. Authored and implemented security policies in collaboration with multiple executives. Directed external audits, ensuring adherence to regulatory frameworks such as SOC 2 and PCI-DSS. Oversaw critical projects in collaboration with cross-functional business units. Facilitated emergency responses and analysis for business disruption incidents. Initiated Emergency and Crisis Management plans, serving as Business Continuity Coordinator. Conducted audits adhering to ISO 27001, SSAE-16 SOC I and II, FISMA/800-53, FFIEC, and COBIT 5. Oversaw and coordinated activities with external auditors representing banks and financial institutions. Led reviews across business applications, identifying vulnerabilities and implementing effective controls.

My Services​


At ElMaeXtro, we bridge the gap between executive leadership and complex information risk. Our coaching and consulting services are designed to simplify cybersecurity, data governance, and regulatory requirements—so leaders can make confident decisions that protect and strengthen their organizations.


01

Executive Information Risk Coaching

We coach leaders to understand information risks in plain language, enabling confident, informed decision-making at the executive level.

02

Data Governance and Compliance Strategy Consulting

We help organizations build clear, effective data governance frameworks and compliance strategies that align with business goals and regulatory requirements.

03

Cyber Resilience Readiness Assessment

We assess your organization’s preparedness for cyber threats and disruptions, delivering practical, executive-level insights to strengthen business continuity.

eBooks​

Endorsements​

These endorsements I received and have been posted on my LinkedIn profile.

David is a consummate professional, with a deep understanding of IT security. He is a results-focused individual, with a strong motivation to see that the industry best-practices are adopted in policy and supported throughout the organization. He is friendly, affable, and works hard to create personal relationships and trust between his area of expertise and other areas of the organization. I have great respect for David and what he has accomplished as an author, teacher, speaker, and industry expert. I am happy to say that I learned a lot from David; and, have implemented many safeguards at my own company because of our professional relationship.
John Coffey​
Having had the chance to work with David, I found him to be a very productive person and extremely professional. David also has an impressive background and deep wisdom of solutions in Information Security. Being insightful, independent, motivated and forward thinking eager perfectionist, David is a person you can trust when wanting to be sure that important and confidential tasks will be completed in a systematic and precise way on time. If you ever need someone to deliver under pressure, no slip-ups, just results, David is your man.
Randy Lightbody​
I had the privilege of working with David on a major project at Digital Risk in the Orlando, FL area. He is incredibly knowledgable in the information security field and should be regarded as a subject matter expert. He treats everyone with respect and is highly regarded in his area of expertise. He is diligent in his project benchmarks and deadlines, and goes out of his way to ensure projects are successfully completed. I consider him a successful colleague, as well as my friend.
Aleena Burgner
David was an outstanding professional. His industry knowledge is impressive and his commitment to a project assures a reliable outcome. He leads and works well with a team. He has the breadth to see the strategic and still execute a tactical work-plan.
Urjit Patel

Contact Me​

davidcruzurena@gmail.com​
+1 (407) 476-7959
Full Name
Email
Message
The form has been submitted successfully!
There has been some error while submitting the form. Please verify all form fields again.

Clarity, Empower, and Simplicity!

Scroll to Top