The Virtual CISO service offering provides experienced Security Program oversight and strategy to you without the need for a dedicated full-time equivalent Information Security Officer. With our Virtual CISO Service you get retained board-level resource to oversee, manage and/or augment your security strategy, budget, risk assessment and regulatory programs.
The offering is unique and tailored to each client. It is typically structured in one of two ways:
Virtual CISO is for companies that do not have dedicated security staff and want assistance in maturing their organization and reducing risk. Elevate would provide a part-time Virtual CISO to provide oversight, implement a strategy to improve defense, and reduce risk through maturing the various security domains.
Virtual CISO Plus is for companies that may or may not have dedicated security staff and want deeper expertise to protect business critical data. Elevate can run your cyber security program, implementing a strategy and including bundled services to support the client.
This service can range in duration from being a few hours per month consultancy to an interim full time CISO. Plus, we can flex the service up or down according your changing information security requirements and with knowledge transfer over time.
Cyber Security Training for Board of Directors
With cyber security training from Elevate, you can educate your board of directors to ensure that they have access to accurate, timely and relevant industry information in the areas of cyber security and IT governance.
For instance, Cyber Security in the banking industry is more important than ever. When the FDIC released updates to the FFIEC Management Booklet of the IT Handbook in 2015, it introduced a number of new obligations for financial institutions’ boards of directors. Specifically, your board is now required to remain actively engaged in, and fully govern, IT Management and IT governance training.
Although not mandated by the SEC, the SEC does review to determine if a Cyber Security expert is in your boards that can ask the right questions of management about Cyber Security and information protection.
Elevate’s Board of Directors Advisory and Cyber Security education is tailored to your board and provides a hands-on opportunity for discussion and questions. Elevate’s team of industry experts will conduct an interactive exercise to cover IT Regulatory Requirements and the five general awareness topics related to cyber security preparedness, including:
1. Risk Management and Oversight
2. Threat Intelligence and Collaboration
3. Cybersecurity Controls
4. External Dependency Management
5. Cyber-Incident Management and Resilience
Our cyber security training will help you build the foundation your board needs to maintain a vigilant cyber security compliance program, make informed decisions and stay competitive in the industry.