Virtual CISO Services

Our Virtual CISO Services help you rapidly build cyber resilience

Outcomes

Risk based, business centred strategy and roadmap​

Rapid delivery of mature cyber resilience capabilities​

Stay resilient, adapt and respond to changing threats​

Outsourced executive level cyber security leadership on a part time basis​

A Virtual Chief Information Security Officer or vCISO is a service designed to provide outsourced executive level specialist cyber and information security expertise to organisations on a part time basis.

A vCISO service is tailored to your organisation’s specific cyber and information security maturity, capability and needs. It can be a combination of on-site and remote access to your own virtual CISO who can provide executive level advice and steer your cyber and information security strategy.

The vCISO service can range from a few hours per month to a fully outsourced information security function. The services can also be scaled up or down to adjust to your according your changing information security requirements and maturity over time.

What are the benefits of a vCISO service? ​

The benefits or a vCISO service compared to having a full time CISO includes:​

  • Flexibility – a vCISO services can be tailored to complement your in-house capabilities with specialist skills in specific areas where you may not have the skills or capabilities available full time.​
  • Scalability – the service can be scaled up or down with your workload and demand, for example you may want to ramp up the service when you are kicking off a new program, and then scale down again when returning to business-as-usual operations.​
  • Responsiveness – having a vCISO on demand means you can get access to specialist skills or assistance at short notice when you need it.​
  • Cost effective – the cost of a vCISO service is typically a fraction of what it would cost to have a full time CISO.​
  • Objectivity balanced with inside knowledge – a long term relationship with a vCISO often provides the right balance between the knowledge of an insider with the objective perspective of an external adviser. ​
  • Continuity – on average CISO roles turn over every 2 years. A vCISO service from an organisation with a number of experienced specialists as backup for each other means no staff turnover or periods when you have no CISO capability on board. ​
  • Access to a range of expertise – every CISO comes with their own unique background and experience. A vCISO service can provide you access to multiple different skillsets for less than the cost of an individual CISO.​
  • Proven methodology – a leading vCISO service is typically based on proven methodologies and approaches to ensure the effectiveness and efficiency of the service, not just “body shopping” of experienced people.​

Service pattern

Online vCISO

vCISO-as-a-Service

Outsourced vCISO

Description

A part time CISO providing online coaching, advice and support​

A dedicated part time CISO who becomes part of your management team​

Outsource the full management of your security program and function​

Initial setup and establishment

Current state maturity assessment​

Cyber threat and risk assessment​

Cyber security strategy and roadmap​

Cyber Accelerator Program​

Optional​

Optional​

Ongoing services

Executive and board reporting​

Regular​

Regular​

Regular​

Advice to management, participation in management meetings​

Online​

Regular​

Regular​

Oversight of security program​

On request

Risk assessment and remediation plans​

Information security policy framework​

Develop​

Manage​

Manage​

Security culture and awareness​

On request​

Oversight​

Manage​

Vulnerability assessment & penetration testing ​

On request​

Regular​

Ongoing program​

Third party risk management​

On request​

Regular​

Ongoing program​

Incident response planning​

On request​

Regular​

Ongoing program​

Decision support for incident management​

On request​

Formal role​

Lead role​

Coaching and mentoring of security staff​

If required​

Security architecture and design​

On request​

On request​

Project based​

Sourcing of cyber services​

Optional​

Optional​

Optional​

Sourcing of cyber security people and skills​

Optional​

Optional​

Optional​

Free strategy session

To find out whether a vCISO service would work for you we offer a free strategy session where we can answer your questions directly and figure out how to be most helpful to you.

To find out more or book a free strategy session, please complete the contact form below:

Subscribe to the Cyber Resilience newsletter YesNo

>