Recurring Cybersecurity Services

Our “CISO as a Service” provides the customer with the necessary security insight and leadership, as well as additional security-related services typically included in any successful security program.

Awareness and Training | Phishing

We will administer an existing service purchased by the organization or we can provide the entire service to the organization.

Ready Access to “CISO on Call”

Ability to schedule a conversation with the practice lead to seek advice, compare notes, understand what peers might be doing and otherwise broaden perspective ahead of any decision.

Program Oversight and Planning

Services can include annual budgeting process, capability and solution reviews in comparison to peers, and changes in the security environment.

Security Operations Oversight and Governance

The operational services will be provided via trusted third party with direct oversight and service management from us.

Executive Education and Awareness

We will provide periodic updates and presentations to the Executive Leaders. Breakfast or lunch sessions with security advisors give these executives opportunities to ask questions and receive straight answers in a safe environment.

Vulnerability Management

We will manage a vulnerability management solution of the organization’s choice, including documentation of vulnerabilities and remediation decisions, or we can provide a vulnerability assessment capability that includes periodic reports and oversight of the vulnerability management processes.

Third Party Security Reviews

We will execute a systematic process to vet third parties against established security criteria, including summary results and recommendation.

Documentation Updates

Information security policies, standards and procedures will be reviewed and updated periodically. We will also collaborate to update the organization’s information security incident response plan and disaster recovery plan.

Periodic Penetration Testing

We will coordinate all efforts including sourcing providers, aligning timings and scope with the business, execution of the test and independent remediation recommendations.

Refresh of Original Gap Assessment

We will update the gap assessment originally provided by Vernovis to reflect all changes during the year and provide revised priority remediation tasks.