“Our vCISO service provides the organization with valuable insight to enhance their security posture and also allows them to stay focused on their core business objective while still benefiting from our expertise and experience to develop and maintain a robust Information security framework. Here are just a few areas where we can assist”
vCISO Engagement will involve
- Scoping: Every vCISO assignment differs in scope and objectives. Requirements will depend on your current protection level, risk appetite, and infrastructure.
- Assessment: vCISO will perform an assessment to identify the regulatory, legislative and contractual requirements that the organization must meet. The organization will also be audited using a standard framework.
- Gap analysis: vCISO will conduct a threat assessment and identify what needs to be protected and the level of protection. Upon completion of the security profile, a strategy, and roadmap will be developed for the board to approve to reduce the risk to the organization and improve the maturity of its information security capability.
- Implementation: vCISO will implement the roadmap by initiating identity management, access control, inventory management and any other projects listed in the roadmap.
- Evaluation: A reassessment will be conducted to determine the success of the implementation phase and to identify whether the risk profile has changed and the impact this has on the strategy and roadmap.
- Continual maintenance: Ongoing vCISO support