Illustration by Freepik Storyset

Virtual CISO - Involved

In addition to the above, we will function as a back-end remote security resource to the Company, guiding building out and establishing and/or maintaining an information security program. Interaction would be limited to one group and its management chain. We will provide references to best practices and guidance on the re-prioritization of initiatives as needed. We will be available 24/7 by email, phone, or chat and will respond to questions within 12 hours, typically faster. We will also be available for a 30-minute daily meeting to maintain synchrony, replacing the one-hour weekly call.

*Note: This option does require an initial Enterprise Security Gap Analysis to seed data and priorities for this service to be successful.

Virtual CISO - Involved

$9,500 / month
  • Everything included in Essentials
  • Daily standup
  • Responses within 12h
  • Incident Response Commander (24/7 - 1 per month)
  • Infosec roadmap, quarterly Infosec OKRs
  • Monthly executive reporting and check-in meeting
  • Lead hiring efforts, provide job descriptions, and interview candidates

FAQ

We will create an Information Security Strategy and Quarterly Information Security OKRs for Security Engineers.

We will provide guidance on executive information security prioritization, information security strategies and roadmaps, best practices on security specific to company environments, information security policies and frameworks, and designing future state security team and programs. 

We can provide input on information security priorities, and updated and related security information related to your specific environment and tools. We can also answer technical security questions to help guide you on specific security controls throughout applications and the organization.

You will find an increase in the security maturity of your organization, lowering your overall security risk and exposure. You will also find benefit in access to security thought leadership for real-time prioritization and proactive security response for your organization.