Virtual CISO
Introduction
The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats. The CISO may also work alongside the chief information officer to procure cybersecurity products and services and to manage disaster recovery and business continuity plans.
Instead of waiting for a data breach or security incident, the CISO is tasked with anticipating new threats and actively working to prevent them from occurring. The CISO must work with other executives across different departments to ensure that security systems are working smoothly to reduce the organization's operational risks in the face of a security attack.
CISOs typically have relevant certifications such as Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM), as well as Certified Information Systems Security Professional (CISSP). Due to their experience, CISOs typically earn between £75k-£100k, which is unrealistic for small & medium businesses.
The CISO's tasks may include:
- Leading on the information security and compliance governance programs.
- Understanding industry trends and leading with architecting security solutions.
- Providing guidance and support in achieving compliance requirements.
- Managing the Information Security team.
- Defining and maintaining policies & procedures.
- Supporting and leading the Incident Response team.
Virtual CISO
A Virtual CISO is a practical and cost-effective solution for organisations that don’t have the expertise and knowledge, or the finances to justify employing a dedicated individual to fill the position. It allows your organisation to cost-effectively access strategic security experience and technical skills, gaining all the benefits without the capital expenditure (salary, hiring costs, sick pay, holiday pay, training costs and potential redundancy payments).
Hiring a virtual CISO has many advantages, the most common being cost effectiveness:
Benefits
- Cost Effective - you only pay for the time spent working with you.
- Adaptive - can adapt better to your company.
- Expertise - has a lot of experience with business and security.
- Independent - free of internal politics and conflicts.
- Connections - has many connections with vendors and industry professionals.
Services
Our Virtual CISO service is available in two packages to suit your organisation:
CISO Basic
- Review compliance & policies.
- Review BCP & DR.
- Review security architecture.
- Onsite meetings (1 day/yr).
- Telephone & e-mail support.
- Single Site/Location.
- Suitable for SME (<50 staff).
From £1,500/yr +VAT
CISO Advanced
- Review compliance & policies.
- Review BCP & DR.
- Review security architecture.
- Onsite meetings (3 days/yr).
- Telephone & e-mail support.
- Remote support.
- Multiple sites/Locations.
- Suitable for larger companies.
From £2,750/yr +VAT
All our Virtual CISOs are CISSP qualified and members of the Security Institute. It is important to realise that the Virtual CISO service is advisory, and it is the responsibility of the organisation to ensure sufficient resources are available to conduct the tasks.
Datasheet
Virtual CISO Datasheet (287Kb)
Frequently Asked Questions
- Do I need a CISO?
  CISOs cannot guarantee security, but they can improve it. Appointing a CISO may appear unnecessary while systems seem secure, but waiting until a breach occurs could be disastrous. However, it may be beyond the budget of a small company - which is why a virtual CISO is a good alternative.
- How much will I save?
  A typical CISO will earn between £75k-£100k a year (not including extras). Our virtual CISO service starts from £1,500 a year - which is a considerable saving.
- What if I require more help?
  Don't worry - you can pay for additional help on a daily basis (with prices starting from £700 per day).
- Can you provide training?
  Yes, of course. Our information security experts have years of training experience. Training can be delivered within the included onsite visit days, or additional days can be purchased from £650 per day.