.png)
INTEGRATED CYBER SERVICES
Secure Guidance
Strategic Action
A fully managed approach to cybersecurity integrated business decisions and ongoing program management.
The Integrated Service level is a customized cybersecurity program that provides advisory firms with a vCISO (Virtual Chief Information Security Officer) for strategic oversight and regulatory engagement.
Through a monthly cadence of meetings with your Cyber Consultant, firms that select the Integrated Services level, are dedicated to continuous improvement of their cybersecurity program.
At the Integrated Services level, your Cyber Consultant can manage, oversee and implement all cybersecurity related issues and solutions with outside IT provider.
CYBER PROGRAM CHECKLIST AND TOOLS
-
Document Library & Quarterly CCO Cyber Task Calendar
-
Standard Operating Procedure Guides and Examples
-
Business Impact Analysis Guide
-
Crown Jewels Analysis Guide
-
IT Controls Review Tasks
-
Incident Response Playbook
CYBER EDUCATION
-
Quarterly Internal Cybersecurity Education
-
Subscription to Your Cyber Life Platform for End Client Education
-
Manager and CCO Specific Cybersecurity Education
Plus
-
Annual Cybersecurity Policy Training Video
-
Annual Live and Collaborative Cybersecurity Policy Training
-
Incident Response Tabletop Exercise Upon Request
VULNERABILITY SCANNING
-
External Vulnerability Scanning
-
Microsoft Secure Score Tracking
Plus
-
Internal Endpoint Vulnerability Scanning
-
Microsoft Entra AD Scanning
WRITTEN DOCUMENTATION PACKAGE PREPARED FOR SEC READINESS
-
Upon notice of upcoming exam the cyber advisor will prepare an exam readiness documentation for cyber
Plus
-
Real-Time Support in Cyber Portion of SEC Exam
-
Interference With Regulators
-
Annual Mock SEC Cybersecurity Audit
-
Assisted Drafting of Cyber Related Items, Submissions and Remediations During and Post Exam
CYBER SUPPORT AND POLICY DOCUMENTS
-
Unlimited Call & Email Support
-
Written Information Security Policy template
-
Incident Response Policy template
-
Business Continuity Policy template
-
Disaster Recovery Policy template
Plus
-
Customization of Documents Tailored to the Firm’s Implemented Practices
-
vCISCO Service Coordinating with IT team to Ensure Controls Outlined by the Policies are in Place
-
vCISCO Quarterly Report to the Board / C-Suite With Cybersecurity Briefing and Risk Reporting
RISK ASSESSMENT AND RISK MANAGEMENT
-
NIST Based Cyber Risk Assessment Tailored to Clients Maturity Level
-
Rank Ordered Report of Findings with Mitigation Suggestions
-
Vendor Cyber Due Diligence
Plus
-
Ongoing Risk Management via Cyber Platform
-
Quarterly Prepared Risk Management Reports
-
vCISO Service to Facilitate Mitigation with 3rd Parties
-
vCISO Service to Facilitate Risk Committee Including Agenda, Reports and Minutes
COACHING AND GUIDANCE
-
Industry Security Alerts & Regulation Rule Changes
-
Best Practice Consulting for IT Operations
-
Quarterly Scheduled Calls
Plus
-
vCISCO Interface with IT team to Close Gaps and Complete Cyber Tasks
-
Monthly Scheduled calls