vCISO Service offering

vCISO services are ment for organizations to get supporting services for the C- suite  in developing, implementing or improving their ISMS (Information Security Management System)


By default, these services also **include** an assessment against one or more known standards like:


- CCB Framework (Center for Cybersecurity Belgium)

- ISA 62443 series

- ISO 27001 / 27002

- NIST Framework


The goal of the assessment is to determine if there are any gaps in the cybersecurity approach and to define recommendations.


Next to the assessment, there are additional services depending on the need of the organization. These services are structured in packages depending on the depth of engagement needed.

Remote vCISO services


Quarterly Business Reviews:

Each quarter we meet with our technology steering committee. During this meeting we review changes within the organization, outline best practices, 

​ identify risk and vulnerability gaps in the current technology and review a dynamic roadmap for the next 3 to 5 years


Monthly performance reporting:

A summary report will be provided each month that will include a technology assessment.  

​This assessment will provide progress and status updates of technology condition​​, security posture and roadmap progress between reviews.


Monthly call with the owner/CEO:

​During a monthly call we will inform the CEO of any critical concerns including Security, Project progress and personnel needs.


Estimated time budget:

​Up to 8 hours per month

Business vCISO services


Quarterly Business Reviews:

Each quarter we meet with our technology steering committee. During this meeting we review changes within the organization, outline best practices, 

​ identify risk and vulnerability gaps in the current technology and review a dynamic roadmap for the next 3 to 5 years


Monthly performance reporting:

A summary report will be provided each month that will include a technology assessment.  

​This assessment will provide progress and status updates of technology condition​​, security posture and roadmap progress between reviews.


Monthly call with the owner/CEO:

​During a monthly call we will inform the CEO of any critical concerns including Security, Project progress and personnel needs.


Adds:

Weekly IT staff calls:

Weekly calls to review project progress, project barriers, Service performance, vendor response and support on other operational and security topics


Annual vendor performance reviews:

A review of vendor performance including SLA compliance, Contract value and service quality​


Estimated time budget:

​Up to 16 hours per month included

Executive vCISO services


Quarterly Business Reviews:

Each quarter we meet with our technology steering committee. During this meeting we review changes within the organization, outline best practices, 

​ identify risk and vulnerability gaps in the current technology and review a dynamic roadmap for the next 3 to 5 years


Monthly performance reporting:

A summary report will be provided each month that will include a technology assessment.  

​This assessment will provide progress and status updates of technology condition​​, security posture and roadmap progress between reviews.


Monthly call with the owner/CEO:

​During a monthly call we will inform the CEO of any critical concerns including Security, Project progress and personnel needs.


Weekly IT staff calls:

Weekly calls to review project progress, project barriers, Service performance, vendor response and support on other operational and security topics


Annual vendor performance reviews:

A review of vendor performance including SLA compliance, Contract value and service quality​


Adds: 


C-Level meetings:

​Regular attendance at key leadership meetings or board meetings. Presenting Project progress and Cybersecurity posture.


Bi-monthly on-site visits:

On site visits to review projects, hold meetings, 1-1 meetings for project scoping​ 


Estimated time budget:

​Up to 24 hours per month included

First Class vCISO services


Quarterly Business Reviews:

Each quarter we meet with our technology steering committee. During this meeting we review changes within the organization, outline best practices, 

identify risk and vulnerability gaps in the current technology and review a dynamic roadmap for the next 3 to 5 years


Monthly performance reporting:

A summary report will be provided each month that will include a technology assessment.  

​This assessment will provide progress and status updates of technology condition​​, security posture and roadmap progress between reviews.


Monthly call with the owner/CEO:

​During a monthly call we will inform the CEO of any critical concerns including Security, Project progress and personnel needs.


Weekly IT staff calls:

Weekly calls to review project progress, project barriers, Service performance, vendor response and support on other operational and security topics


Annual vendor performance reviews:

A review of vendor performance including SLA compliance, Contract value and service quality​


C-Level meetings:

​Regular attendance at key leadership meetings or board meetings. Presenting Project progress and Cybersecurity posture.


Bi-monthly on-site visits:

On site visits to review projects, hold meetings, 1-1 meetings for project scoping​


Adds:


Weekly On-Site Visits:

​Weekly on-site days to meet with teams and key stakeholders. Staff 1-1 meetings and mentoring/coaching


Annual 360 employee reviews

​Handle the IT review process for IT staff. This includes a self evaluation of each staff member and a performance review for executive and HR use 

​in determining promotions and bonusses 


Estimated time budget:

​Up to 40 hours per month included