vCISO – Virtual Chief Information Security Officer
Have strategy, have a plan and have a team
ESX will serve a role akin to a senior security executive in your company. This includes the following activities:
- Conduct an annual information security assessment, including controls and process maturity.
- Create a remediation plan based on the assessment.
- Assist in annual strategic planning to define goals, create plans, and identify resource needs for the following year.
- Participate in quarterly executive or board meetings.
- Report performance metrics.
- Liaise between the Client and the Security Operations Center for high-profile incidents. (All other incidents will be handled at the operational level without the vCISO.)
- Any client-requested work (other than the above) for up to 4 hours/week. Typical client requests include the following activities:
• Attend Client meetings.
• Provide general best practices, templates, or guidance to help with a specific project.
• Provide project management for the remediation plan or any other project.
• Identify security requirements for products created by the client.
• Assess risk of a Client-specific situation.
• Consult with the Client’s customers or vendors, or answer their security questionnaires.
• Third-party risk management (assessing risk associated with the Client’s customers or vendors).
• Perform or review enterprise architecture or solutions architecture.
The vCISO is shared amongst multiple clients in order to keep client costs down, so consultations must be booked in advance through ESX’s online calendar. The vCISO’s normal working hours are Monday through Friday, 9am to 5pm US Central time, excluding holidays.