CISO

In an organization, a Chief Information Security Officer (CISO) is responsible for IT security, IT security strategy design and implementation with a focus on properly addressing cyber security risks. The CISO is charged with regulatory and operational compliance to all standards and regulations related to and required for the business. In today’s constantly evolving cyber threat landscape, employing the services of a CISO will definitely bring the benefits to your organization 

 You may not be in a position to find, recruit and hire your own full-time dedicated and talented CISO.  There are also other circumstances that make the outsourcing of a CISO a viable proposition:

•  You are a small to mid-sized business and are looking for a cost-effective alternative.
•  An IT security expert is needed temporarily, e.g. for a specific project, upcoming audits, while you search for your own specialist, etc .
•  To step in for an employee on vacation or extended leave. 

 With the guidance of our Chief Information Security Officer, your organisation can do the following: 

• Meet globally accepted best practices 
• Develop a robust, reliable Information Security Management System (ISMS) 
• Develop a security culture and optimise technology 
• Maximise return on investment 
• Maintain compliance 
• Provide technical expertise using the knowledge of our consulting pool, or by themselves becoming a consultant for an appropriate task 
• Provide intellectual leadership and advice to senior management and the board 
• Identify, analyse and communicate security-related tasks at any level 
• Develop a sustainable security strategy tailored to your business needs 

 Security Change Management 

• A good change management process requires proposed changes be reviewed by stakeholders including security.  Our CISO can review change proposals for their impact on security and analyse subtle and complex interactions of systems to understand how security risks would be affected. 

 Document Review 

• Security policy and procedure documents ensure security consistency and are needed for compliance requirements.  Our CISO have experience drafting and reviewing security documentation for all kinds of environments from startups  to large Government departments and can ensure that relevant best practices are followed.

 Security Reporting 

• Your security function must gather information and  report to the rest of the organisation to enable  strategic objectives to be met. Our CISO can use  automated and manual methods to gather security  metrics and produce reports suitable for compliance  activities or presentation to any level of the  organisation 

 Our outsourced CISO offering provides a highly experienced CISO with relevant qualifications to help your business. Qualification includes: 

• ISACA’s Certified Information Security Manager (CISM) 
• CGEIT (Certified in the Governance of Enterprise IT) 
• Demonstrable expertise in DPA, GDPR and ISO27001, and other best-practice security frameworks 
• Certified Information Security Professional (CISSP) 
• Certified Ethical Hacker (CEH)