RSI's Virtual Chief Information Security Officer (vCISO) services help organizations protect their infrastructure, data, people and customers. Our vCISOs are top security experts who work with a company's executives and technical team to provide leadership and direction that improve the company's security posture.
Cybersecurity / Information Security Leadership & Guidance
Oversee and develop the client's Cybersecurity Program from inception to documentation to implementation.
Steering Committee Leadership and/or Participation
RSI will meet with executive leadership to showcase cybersecurity and compliance initiative progress, and to advise on the future needs to align company objectives with sufficient security.
Security Compliance Management
RSI will align all security initiatives with any compliance requirements you may face, e.g., GDPR, CCPA, HIPAA, and incorporate those requirements into the overall cybersecurity plan.
Security Policies, Processes & Procedures Development
RSI will work with your employees to develop formalized documentation around all aspects of the Cybersecurity program in the form of IT controls, risk remediation, policies, procedures, and standards. This documentation will be centrally managed and periodically reviewed by RSI and client's executive management.
Incident Response Planning & Governance
The RSI team will assist your organization in the oversight of monitoring for Incidents and Vulnerabilities and will assist in responding to Incidents. Furthermore, your vCISO will ensure that the Incident Response Plan is created and periodically updated based on your company's evolving IT environment and industry best practices.
Security Training & Awareness Governance
The vCISO will assist your IT team in creating and/or enhancing the Security Training & Awareness exercises implemented for all employees and contractors. This will include formal in-person trainings and Security Newsletters in order to keep your employees and contractors informed of current threats and how to stay diligent.
Critical Data Classification
Your vCISO and the RSI team will work diligently to create an accurate Asset Inventory of your IT environment and assist in identifying where your critical data resides. Our team will continuously assist your organization in creating controls around maintaining this process in real time and ensuring that the appropriate protections are in place for all critical systems & data.
Internal Audit Liaison & Support
Drawing on an IT Audit background at Deloitte, our team can represent your organization in all audit initiatives and assist with communicating, understanding, and addressing all IT-related audit initiatives. Furthermore, your vCISO will be the point of contact for auditors to request any form of evidence or documentation. Finally, the vCISO will review all audit reports and findings in order to formalize future initiatives and ensure they are incorporated into your cybersecurity and compliance roadmap.
Risk Assessments, Tracking & Remediation
Your vCISO has the ability to conduct a comprehensive Risk Assessment, based on the regulation and/or framework that most closely aligns with your business objectives, by using our industry-disrupting CyberCompass™ platform. As part of this initiative, the vCISO and team will create a list of all identified risks, ranked by criticality, and a roadmap to remediation. As part of this continued effort, the vCISO will govern all initiatives related to remediating cyber risks and create controls and processes as a formalized method to mitigate these risks in the future. They will also assist with reporting findings, progress, scope changes, etc. to your key stakeholders.