Virtual CISO Services

What is Virtual Chief Information Security Officer (vCISO)?

A vCISO is a combination of services that helps any organization at a different level of maturity during the journey of adopting Information Security. A vCISO can ‘stand up’ an entire Information Security organization up, perform routine/spot health checks, liaison with technical Managed Services Provider (MSP), help conduct Business Continuity & Disaster Recovery tests, achieve compliance with standards and regulations, among several other functions.

A fairly detailed list of functions are listed below:

• Base Line Assessment

• InfoSec Organization Building

• Budget and prioritization

• Security Awareness Training

• Vulnerability Management Monitoring

• Data Classification

• Data Loss Prevention/Plan Implementation/Forensics

• Compliance Initiatives (PCI, FERPA, FACTA, HIPAA, SOX)

• Security Program Design

• Obtain certification in many Security Standards (ISO 27001, NIST, FISMA, FFIEC, NIST, HITRUST)



• Privacy Program Implementation

• Vendor Contracts and Risk Management

• Identity and Access Management

• Incident Response Planning

• Vulnerability and Penetrating Test Planning

• Security Architecture Design and Policy Development

• Bring Your Own Device (BYOD) Strategy and Policy Design

• Information Risk Reviews and Risk Management

• Audit Remediation and Audit Management

• SOC Readiness and Compliance

Please 'Contact Us' to learn more about these services. Do not see a service item in the list above, call us. We can share specific details about your particular need by pulling from the large array of additional services delivered under the vCISO service package.