What Does a Virtual CISO Do?
The role of a virtual CISO can vary depending on the specific requirements of a business, but typically a vCISO is engaged to understand the goals of the business, determine the risks that the business faces, and devise a strategy and action plan to mitigate those risks and secure the business going forward.
Some of the key areas in which a vCISO is generally involved include, but are not limited to, the following:
- Security Operations – Covering risk and threat analysis, as well as incident response planning, triage and response in the event of a security incident.
- Data Protection – Not only backups, DR and Business Continuity, but also data loss prevention and making sure the right tools and processes are in place to balance productivity and flexibility with security.
- Security Architecture – This can include assessing and recommending technology to aid security, and also ensuring that IT infrastructure is designed and implemented with security best practices in mind.
- Training and Education – Devising and potentially delivering security training for all levels of the business, to make sure everyone is aware of the security risks and what is required of them to help keep the business secure.
- Standards and Frameworks Compliance – Assessing if compliance with security frameworks such as ISO 27001 or Cyber Essentials could benefit the business, and providing an action plan and driving it through to completion if certification is part of the strategy.
In addition, a vCISO can help bridge the gap that often exists between IT and Operations teams and Senior Management, ‘translating’ security and technology matters into business terms to ensure that security strategy and business strategy are not just aligned but complementary, and understood from the Service Desk to the Board Room.