Welcome to Waysecure Consulting

company background

WaySecure Consulting is a boutique information security consulting firm founded on January 1, 1998 and has been providing solutions for corporations, organizations and governments ever since. Our main focus is IT related security, providing some of the best expertise in the industry. We also provide services in related disciplines such as operational security, computer forensics and TSCM (electronic counter-surveillance).  WaySecure operates globally and can quickly assemble teams of security specialists to meet client requirements no matter how large or complex. Together with our clients, we provide security solutions that balance business/mission needs with risk mitigation measures that make sense. Headquartered in New York City, WaySecure has offices in Phoenix and Seattle.

about our president

Steve Lutz  is the President of WaySecure Consulting, Inc. and brings over 20 years experience in engineering, information systems and information security disciplines to the table. Steve has been a leader in the commercial, aerospace and government sectors in providing state-of-the-art Information Security solutions.

As WaySecure is a boutique security consultancy, Steve is responsible for overseeing the delivery and quality of work performed. He is actively involved in all aspects (business assessments, technical assessments, recommendations) of each project. Before forming WaySecure, Steve was a Senior Manager in Ernst & Young's Information Systems Advisory and Assurance Services group.    He has extensive program management experience and specializes in overseeing and managing large complex engagements.  Before Ernst & Young, Steve was in charge of Network and Distributed Systems Security at The Chase Manhattan Bank where he was responsible for global network security, Internet security and advanced projects in high risk environments. Prior to Chase, Steve provided security expertise in a wide variety of disciplines to the DoD and intelligence communities of the U.S. government. Steve holds a B.S. in Information Security from the State University of New York.

Additional professional activities include National and International media appearances and interviews with the New York TimesAssociated PressNippon Television and Forbes Magazine, Guest columnist for Network Computing magazine on security penetration testing. ("Intrusion Detection Provides a Pound of Prevention", August 1997), Featured guest expert on "CyberCrime Radio" (KIEV Radio, Los Angeles) a live broadcast, radio talk show that focuses on high-tech crime and computer security issues, Guest lecturer and co-presenter with the FBI's Computer Crime Unit at Pace University, New York City on Information Security Risks within Corporate America, Guest lecturer at SANS (Systems and Network Security) Conference in Washington, D.C. on "Augmenting Security in a UNIX Environment" November 1995, Guest lecturer at "Beyond Hope" a hacker convention based in New York City on "Tiger Teaming" August 1997, and Guest lecturer at Information Systems Security Association (ISSA) meeting in Seattle on "Information Security Consulting" November 2001

Steve has worked with numerous large organizations including Ernst & Young, Chase Manhattan Bank, Philip Morris, American Express, Morgan Stanley, Union Bank of Switzerland, Kraft Foods, Omnipoint Communications, First USA, EURO-RSCG, Transamerica Insurance Group, The Daily Deal, Quick International Courier, American Lawyer Media, Avon Cosmetics, GEIS, TIAA-CREF, HBO, Time Warner, Boy Scouts of America, Bank One, Seagate, Yahoo, EDS, Immunex, Barnes-Jewish Medial Center, North Shore Medical Center (NY), Long Island Jewish Hospital, Amgen, Saudi Aramco, Barbados Ministry of Education, U.S. Navy (Stennis Supercomputer Center), U.S. Army, Egyptian Armed Forces, Grumman Data Systems, Grumman Aerospace, U.S. Air Force, and the Strategic Defense Initiative (SDIO). Steve regularly speaks at security conferences worldwide and is recognized in the popular press as a knowledgeable source on Information Security.


WaySecure has one of the most experienced contingents of security professionals in the industry. We have the skills to manage and complete large projects on time and on budget. We have extensive experience analyzing, architecting, designing, and managing comprehensive security solutions across many industries. We also maintain contact with individuals at all levels of the security community to help us stay current with the latest threats and intrusion techniques used by the people most likely to attack your enterprise. Our consultants are noted speakers at industry events and conferences, and our in-house R&D team consists of top talent from every area of computer security research. This blend of experience and knowledge makes WaySecure a powerful and devoted ally in securing your digital infrastructure.

WaySecure has several advantages that set us apart from other firms:

  • WaySecure is vendor neutral, we only derive revenue from independently generated security consulting services.  We are not in the business of offering other non-security related IT services, software, or hardware.  We are truly an independent advisor to our clients.  As such, WaySecure provides objective and professional recommendations that are in the best interests of our clients.  We cannot and do not receive royalties, fees, or other considerations from product vendors when we recommend their solutions.

  • We are small, yet we are extremely focused on security consulting including security architecture design and implementation.   We have used, managed, and implemented many related technology platforms in our collective backgrounds, so that the solutions we arrive at together will have the "we've done that before" perspective added in.    We are advisors as well as implementers so we do not stop working when the recommendations have been delivered and the decision to implement is made. 

  • A significant amount of our revenue comes from repeat business. This demonstrates that we are not only committed to building a long-term relationship with our clients, but that our clients feel the same way about us.  Our philosophy is to act as a long term "trusted advisor" to our clients.

  • Unlike many consultants, we will not leverage professionals who perform other non-security related consulting services on an engagement simply because they need to be chargeable.  By remaining a small closely held corporation, we avoid the sales pressure many of our competitors are under to deliver ever-higher revenues to their shareholders.  As a result, our clients get only the people they need when they need them.