top of page
Consistent Deliverables.
Consistent Results.
Our vCSO solution ensures consistent and reliable deliverables, delivering the results your business needs to stay protected.
Weekly
-
IT Status Meeting:
Attend IT status meeting to provide updates on projects, answer tactical security questions, and get decisions from leadership as needed; review any current security vulnerabilities and discuss how the organization may or may not be impacted.
-
Employee Security Training
Weekly video training modules to keep the entire organization vigilant and educated on the current cyber threats. A company leaderboard and credit score-based rankings heighten the competitive spirt.
Monthly
-
IT Performance Analysis:
Audit monthly IT activities, document findings and initiate/request/validate any necessary changes
-
IT/IS Security Meeting:
Meeting to review issue progress, vulnerability test results, security project status, plan for upcoming events, and review/edit deliverables as needed
-
Simulated Phishing Exercises:
Deploy simulated fishing exercises and analyze results for frequent clickers or other signs and/or anomalies.
-
Backup/Continuity Review:
Review backup of all endpoint machines and servers to ensure that they are occurring on a timely basis and are within backup service legal agreement
Quarterly
-
User Privilege Review:
Review the list of line of business, M365 and domain users to ensure no unneeded users; verify tickets were created for user termination requests as well as any human resources changes
-
Leadership Meeting:
Meet with the executive team to provide updates on current trends in IT security, the latest vulnerability analysis, and status of IT projects
-
Disaster Recovery Testing:
Provide ongoing security analysis of network, provide & review report findings with leadership and assist in necessary remediation projects
Bi-Annually
-
Board Update Meeting
Prepare and present updates for bi-annual cybersecurity risk board update
Annually
-
Chain-of-Custody Protocols:
Establish and maintain protocols for tracking of digital assets, ensuring secure handling and protection against unauthorized access
-
Policy Implem. & Review:
Implement, review, and update procedures
-
Penetration Testing:
Schedule, coordinate, and oversee third-party penetration testing; coordinate and remediate any findings from the testing
-
Vendor Security Audit:
Conduct security review of vendors; initiate/oversee vendor security changes as needed
-
Risk Assessment:
Review the different types of risk facing the business units; prioritize security and compliance investments and initiatives based on risk findings
-
PCI Self Assessment:
Complete and save to file the annual self-assessment questionaries for compliance purposes
-
Tabletop Exercise:
Perform annual table-top exercise of the disaster recovery plan/incident response plan with applicable IT vendors and company personnel
-
Inventory Data Assets:
Review the list of assets/vendors with the executive team on an annual basis, generally as part of quarterly IT executive meetings; review the list of Key Vendors in the IT security portal to ensure it is up to date
As-Needed
-
Site Visits:
Conduct in-person visits to the organization's sites to review on-site security practices and initiate necessary changes
-
Threat Intelligence Emails:
Provide threat intelligence emails to the organization as relevant
-
Security Deliverables:
Provide other security deliverables and best practices as needed
Schedule Your High-Level Executive Consultation
bottom of page