GET THE BENEFIT OF HIGHLY SPECIALIZED SECURITY TALENT FOR A FRACTION OF THE COST OF A FULL-TIME STAFF MEMBER.
Our Virtual Chief Security Office (VSCO) solution will help your business make security decisions, understand security threats, and optimize security processes. With our VCSO solution, you will retain a board-level resource who can virtually sit inside your company and manage your security strategy, budget, review of risks and regulator programs.
With our VCSO solution, we will not be sitting on the sidelines. Our goal is to be constantly and consistently delivering results. Below we will outline the ongoing items that we will be providing as a part of this solution.
Provides context for decisions being made within the cybersecurity program.
Prioritizes items for completion within the organization-provides a trustworthy place to start.
Creates oversight for the organization’s security – the Executive team knows it is being proactively managed.
User Privilege Review
Review the list of line of business, m365 and domain users to ensure no unneeded users; verify tickets were created for user termination requests as well as any Human Resources changes.
Executive Leadership Meeting
Meet with executive team (CEO, COO, CFO, GC and CAO) to provide updates on current trends in IT security, latest vulnerabilities analysis and status of IT projects; supplement with further updates as needed.
Vulnerability Scan / Security Services
Provide ongoing security analysis of network, provide / review report findings with leadership and assist in planning of necessary remediation projects.
Third-Party Penetration Testing
Schedule, coordinate and oversee third party penetration testing; coordinate and remediate any findings from the testing.
Policy and Procedure Review
Review policies and make updates based on organizational changes; if changes are made to acceptable use policy, coordinate with legal and incorporate into Employee Handbook as needed; create and implement new policies as needed.
Conduct security review of vendors, including completion of Vendor Self-Assessment Questionnaire; initiate/oversee vendor security changes as needed; Review most current contracts to determine if updates are needed.
Review the different types of risk facing the business units; prioritize security and compliance investments and initiatives based on risk findings.
PCI and Cyber Insurance Self-Assessment
Complete and save the file to annual self-assessment questionnaires for compliance purposes.
Perform annual table-top exercise of the disaster recovery plan / incident response plan with applicable IT vendors and company personnel.