CyberCrest Finds Growth in Cybersecurity Compliance

CyberCrest Finds Growth in Cybersecurity Compliance

https://www.sdbj.com/cyber-security/cybercrest-finds-growth-in-cybersecurity-compliance/

Publish Date: 2026-01-07 08:00:00

Source Domain: www.sdbj.com

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points.
John Huckeby, founder and managing director of CyberCrest Compliance Services, started his company in 2021. Photo courtesy CyberCrest Compliance Services
ENCINITAS – For John Huckeby, a career path that began with big accounting firms in 1997 has morphed into his own business. That’s what a few decades, not to mention the internet revolution, can do to a career.
Huckeby’s 4-year-old company, CyberCrest Compliance Services, keeps his clients’ data secure and prying eyes away from client computer networks.
CyberCrest helps clients stay safe on the internet by helping them comply with recognized cybersecurity standards. These include, but are not limited to, CMMC, HIPAA, SOC2, ISO 27001 and NIST 800-171. The business is riding the wave of clients realizing that they need such protection.
Opportunities not yet imagined in the mid-1990s turned into success for CyberCrest, which doubled its annual revenue to $2 million in 2025. Huckeby said the business is angling for 100% growth again in 2026.
“We closed three deals this week,” he said in an interview on Tuesday (Dec. 30). “Its New Year’s. No one’s working this week.”
Clients include life science companies such as Alector Inc. (Nasdaq: ALEC) and ARGENX SE (Nasdaq: ARGX), as well as tech companies such as venture backed Sigma Computing and Carlsbad-based satellite services provider Viasat (Nasdaq: VSAT). CyberCrest has clients as far away as Canada, Europe and Asia. Continued overseas expansion is part of its plan for 2026.
In addition to helping clients comply with cybersecurity standards, the business offers services such as vulnerability assessments, penetration testing, business continuity and disaster recovery, and more.
CyberCrest has seven employees and “a half dozen contractors,” Huckeby said.
On Ground Floor with Technology
Huckeby, a University of Arizona graduate, worked at Andersen Consulting and subsequently Accenture after college. They were the early days of business computing and business-specific software such as SAP. Over the years, Huckeby also worked at Deloitte and EY.
The federal government released an early information security standard called Sarbanes-Oxley at the time. It was a catalyst for widespread adoption of information security compliance standards.
At one point, Huckeby was global compliance manager with Starwood Hotels & Resorts. The job offered an exceptional perk – the ability to stay at “the snazziest hotels in the snazziest cities,” he said. A later job with medical supplier McKesson (NYSE: MCK) exposed him to that particular vertical market as well as the needs of medical technology and pharmaceuticals.
Today, Huckeby said business comes to him, and so far, he has put very little money into advertising.
The executive said that it is often not the CIO or CISO (chief information security officer) of a potential client who is first to realize the business needs for CyberCrest’s services. It’s often a member of an organization’s sales department. Oftentimes a business will be on the verge of doing business with a third party and the third party makes it clear it will only agree to a deal if the potential partner has a cybersecurity compliance report such as a SOC2 report. It is then that a client seeks out a vendor like CyberCrest.
CMMC and NIST 800-171 have become standards for companies doing business with the U.S. Department of War. November marked the beginning of mandatory CMMC compliance.
The Pentagon wants to keep as much sensitive information as it can out of the hands of adversaries, and it does so through mandating CMMC compliance which is based on the NIST 800-171 standard. Though sensitive information isn’t classified, an adversary could use it to its advantage if it could get enough of it.
Adversaries may try to break into prime defense contractors’ computer networks via a variety of threat vectors including perhaps a subcontractor’s computers. Such a subcontractor might be a small business, perhaps a privately owned machine shop. A flaw in the system of the mom-and-pop business could reveal a Mother Lode of valuable data and details about intellectual property. As a result of the potential risk, the machine shop must come into compliance with CMMC to do business with the Department of War.
CyberCrest’s board members include Jason Kruger and Jill Huckeby. The business is self-funded, which John Huckeby said allows it to grow organically and ensures consistent quality of services.
While the owners have had offers to take outside money, “we turn them down,” Huckeby said. “We don’t want outside money to influence who we are and where we’re going.”
CyberCrest Compliance ServicesFOUNDED: 2021CEO: John Huckeby (founder and managing director)HEADQUARTERS: EncinitasBUSINESS: IT services specializing in cybersecurity complianceEMPLOYEES: Seven, supplemented by six contractorsWEBSITE: cybercrestcompliance.comCONTACT: cybercrestcompliance.com/contact-usNOTABLE: The business has clients in the United States, Canada, Europe and the Asia-Pacific region.