PS-vCISO (Virtual Cheif Information Security Officer)

Executive Security Leadership

PacketSecurity's Virtual Chief Information Security Officer (PS-vCISO) was designed to help businesses take control of their information security program. Our time-honored proven solution will help develop a security strategy that guards sensitive information, protects customer data and strengthens brand reputation. In the security industry there is a shortage of qualified candidates which has made it increasingly expensive and difficult to recruit, attract and retain individual qualified resources.

Assembled from years of experience, our team has industry experts who apply their knowledge to provide you with an excellent resource that will guide your security program. Whether your team is large or small, your vCISO will help Build, Plan and Execute a security strategy that directly aligns with your business strategy.

If you just need assistance or if you do not have the need for a dedicated CISO, we have three different types of vCISO offerings, PS-VCISO-OnDemand, PS-VCISO-Dedicated and PS-vCISO-MSSP. With each of these service offering you can substantially and immediately strengthen your employee and executive continuation plan. This will give you a reliable and convenient fallback that will maintain the critical functions of governance, risk management and compliance.

Areas that our vCISO can manage and take ownership of (not limited to the below)

  • Information security team management with Executive Reporting
  • Interacting with Executive Management
  • Attending Board of Director's meetings, giving them an update on the state of security in the organization
  • Policies, procedures, standards, and guidelines
    • We can work directly with business units to define needs and write effective Policies and procedures
    • We can/will then package and present them to management and seek approval
    • We can/will define or modify as needed, an Incident response and event management program
    • Develop and plan security awareness training and track progress
    • Ensure proper distribution and serve as point for clarification or guidance on security related items
    • Plan and develop a sound security infrastructure that directly is in alignment with direction from ‘the Board’ and the business plans
  • Threat and Vulnerability Management
  • Annual Security Strategy Refresh
  • Service Management and Control
  • Security Dashboards & Trend Analysis
  • Vendor Management

Please see below for a breakdown of each vCISO service, Included in this breakdown are a list of items included in each service tier.

Service Offering Description Includes
PS-vCISO-OnDemand This tier provides your oganization with a trusted senior security advisor. This will help guide your organization through the construction and/or improvement of an information security program. This service introduces and/or improveds the principal tenets of information security to the organization.

This tier has been developed for the organizations that needs assistance on an as needed basis or just wants assistance with figuring out what to do with their security program
  1. Evaluate the current security program and determine at what maturity the organization is currently at.
  2. Provide recommendations on changes that need to be made to provide a more robust security program
  3. Evaluate current security tools, software programs, policies & procedures and make recommendations to provide the organization with a more rounded security program
Advise management on the following:
  1. Security training and awareness
  2. Review of regulatory compliance and adherence
  3. Vendor management
PS-vCISO-Dedicated In this tier we take a more hands on approach and assist you with the development and management of the organizations Information Security Program. Our skilled resources will advise on the following: Security & Risk Assessment/Planning, Risk & Compliance Management, Incident Response & Forensics, Threat Mitigation and Strategy.

This tier offers more detailed assistance than the OnDemand service by: assisting with the drafting of the security policy, procedures, plans, etc.. (for example) rather than providing critical advice.

Provides all the service offerings of the OnDemand Tier, Plus:
  1. Executive meeting participation
  2. Participate with the Information Security Planning Strategy
  3. Security Program Development assistance
  4. Third Party Risk Management 
  5. BCP/DR advise and assistance
  6. Bi-annual Vulnerability and Penetration testing
  7. Annual phishing exercises
PS-vCISCO-MSSP In this Tier we will run and operate the entire security program. We will provide a full management and support staff that will be responsible for the building, management and the improving of the Information Security program. PacketSecurity has years of experience in all facets of Information security.

By leveraging this tier, you are gaining years of experience and will put your program on the path to success. We can customize any aspect of the support program to your organizations need. We can take a portion of the tasks or we can do it all.

Provides all the service offerings of the OnDemand & Dedicated tiers, plus:
  1. Incident response planning and execution
  2. Management and support staff to perform the security functions needed to secure your organization
  3. Monthly Vulnerability testing and reporting
  4. Quarterly Penetration and reporting testing
  5. Threat Intelligence Updates
  6. Software assessments

Benefits of the PacketSecurity Virtual CISO Program Include:

  • Assessment and development of the Information Security Program
  • Independent review of audit controls
  • Review, Assessment and Development of information security skills of the team
  • Coordination of Investigation and Security Breaches
  • Independent review of you Security Framework, Compliance and Risk
  • Senior Level Reports
  • Senior Security Professional with years of experience
  • Reduce or minimize threat of cyber attacks
  • Access to onsite and offsite CISO