Overview

What can a Virtual CISO offer you?
• Establish, maintain and monitor a comprehensive information security program to ensure the integrity, confidentiality and availability of information owned, controlled, or processed by your organisation.

• Drive information security projects and enhancements to adapt to existing, changing and emerging information security threats.

• Mitigate threats and risks as identified by risk assessments and audits.

• Perform information security risk assessments and coordinate the performance of third-party internal and external network and systems vulnerability assessments.

• Provide information security assessments of third-party vendors and service providers as part of the credit union's vendor management program.

• Develop, maintain, and manage the incident response plan; lead incident responses and investigations of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary, in coordination with the Risk Management department.

• Create and manage information security awareness training programs for employees, contractors, and approved system users.

• Facilitate audits and examinations by regulatory agencies, create risk mitigation plans for audit findings, and track the plans to completion.

• Lead strategic security planning with IT management, risk management and users across the organisation.

• Work directly with business units to facilitate IT risk analysis and risk management processes; identify acceptable levels of risk, and establish roles and responsibilities with regard to information classification and protection.

• Maintain awareness of changing and emerging information security and cybersecurity threats, and provide subject matter expertise to executive management on a broad range of information security topics and standards.

• Provide guidance and input to technical reviews of proposed projects, services and vendors.

• Work with Audit and Compliance on data privacy matters to ensure security programs comply with applicable laws, regulations and policies, to minimise or eliminate risk, and to mitigate and resolve audit findings.

• Coordinate use of external resources involved in the information security program, including information security service providers, physical security service providers, and consultants.

• Oversee the management and monitoring of layered security controls such as firewalls, servers, and other IT devices.

• Provide support and governance for enterprise security projects.

• Provide support and security-related information, as needed, to business unit stakeholders.
