URU is a team of experienced IT Security Professionals, long-time friends, and co-workers who first met a decade ago while traveling across the country, helping businesses create their own enterprise security management programs. Both strongly believe that security is more than a series of prescriptive checklists and that effective security programs are customized to meet the needs of each business.

URU’s founders have 37 years of collective experience which features heavily in the Financial and Healthcare industries. Between them they have developed, led, and managed programs at the FDIC, Anthem Inc., and Verizon Business. Their breadth of work has resulted in an intimate knowledge of many IT Security Compliance frameworks including HIPAA, HITRUST CSF, PCI, SOX, SOC2, GLBA, ISO 27001-2, and NIST 800-100. In addition to assisting clients with strategic security program development, URU routinely conducts technical security assessments to help their clients meet both internal and external compliance needs.

Adam Kunsemiller, Co-Founder

Adam is a veteran of advising clients on how best to reduce risk to the enterprise by leveraging existing people, processes, and technology. Adam is an accomplished program builder who established the application security program at Anthem, Inc. and the application security certification service at Verizon Business. He has also played a key role in developing security services for medical device security. Adam excels at meaningful communication on both executive and technical levels and enjoys solving problems to enact change in pragmatic ways.

Previously, Adam served as a Managing Director for a global product certification services firm. During this time, Adam played a key role in development of new service offerings and training programs, including the creation of several emerging security services such as medical device security assessments, big data security, and application security services.


Ray Todora, Co-Founder


Ray is a seasoned IT Security Professional who builds upon a decade of experience in IT to bridge the often-divisive gap between offensive security and critical enterprise infrastructure teams. Prior to dedicating himself to the world of offensive security Ray built and led the Vulnerability Assessment and Infrastructure Assessment teams at the FDIC. Ray thoroughly enjoys exploiting critical security flaws, but he finds it even more gratifying to help his clients protect against the attack chains he discovers on the job through education, personal demonstration, and root cause analysis. Ray is a strong believer in pragmatic security; utilizing existing people, processes, and technology to achieve maximum security gains.

Ray previously served as a Principal Security Consultant for a global product certification services firm. During this time, Ray lead technical security assessments and penetration tests for a variety of Fortune 500 clients. These included companies in the Banking, Healthcare, Health Insurance, Retail, Government, Utilities, Entertainment, and Pharmaceutical industries.