Lightweight, flexible & scalable without compromise.

Data threats change daily and organizations need cutting edge support to stay ahead of risk. If you, like many organizations are challenged with having data security needs, with limited staff capacity and staffing options, Towerwall’s advisors are available to perform the function of Chief Information Security Officer. This enables the Information Security Department to focus on critical IT projects, while still ensuring that security is being driven forward.

Towerwall’s virtual Chief Information Security Officer (vCISO) service allows you to leverage the executive leadership skills of a Towerwall security and compliance expert who has previous practical CISO experience. Towerwall’s experts serve as confidential thought partners allowing your executives the opportunity to brainstorm, cross check ideas, and get advice from industry leaders. Towerwall trusted advisors help you stay vigilant about incoming threats – now and in the future. More specifically, Chief Information Security Officer services enable you leverage the experience and skills of a Towerwall senior security consultant.

We developed this program as an alternative to the traditional Chief Information Security Officer role. With Towerwall’s vCISO Platform, you gain access to the most experienced team in information security, without increasing your headcount. Stay ahead of threats, develop policies and keep your network safe.

- Michelle Drolet, Founder & CEO of Towerwall

Why Choose Virtual CISO

With Towerwall’s Virtual CISO (vCISO), you can:

Built for your Security Needs

Our unique vCISO platform offers three distinct partner options customized to your organization’s security needs.

Add CISO Experience to Your C-Level Team

A Towerwall senior consultant with previous CISO experience will perform the function of CISO for your organization.  This service has been developed for organizations that do not have the experience on staff or would like to have a seasoned expert on staff without the full expense.  The services fits ideally with an organization that has IT and more junior level security staff and needs to have the strategy defined and implementation managed a high level.

Expert Advisor

Serve as an expert advisor to senior management in the development, implementation, and maintenance of an information security infrastructure that ensures that security and privacy best practice control objectives are achieved for the organization.

Add To Your Top & Bottom Line

With Virtual CISO you will gain a team of senior level security professionals at a fraction of the cost of an in house Information Security Officer.

Establish Security Roles and Responsibilities

Deliverables include:

  • Documented job descriptions
  • Assignment of roles to appropriate individuals
  • Implementation of an IT Security Steering Committee

Oversee Efforts

Oversee the effort to remediate critical Technical Controls Review findings. Deliverables include:

  • Project plans
  • Weekly Status Reports (Process Owners)
  • Project Completion Reports

Assess Technology

Assess technology procurement and implementation procedures. Deliverables include:

  • A formal process for product evaluation, procurement and implementation
  • Identification of point solutions and areas that function in silos
  • Establishment of bi-weekly IT Project Review Meetings

Activation, maintenance and oversight of Security Policies

Deliverables include:

  • Review, get management approval, and activate the Overarching Security Policy
  • Review and list security policies currently in place and those that need to be updated and or created

Establish Security Awareness Initiatives

Establish security awareness initiatives for IT management and staff.

  • Establish ownership for security awareness
  • Create a security awareness initiatives calendar of events
  • Implement one IT security awareness initiative

Oversee Vendors

Oversee 3rd Party vendor management practices. Deliverables include:

  • Create procedures and assign ownership for governing vendor contracts and SLAs
  • Review 3rd party vendor contract, services and SLAs and provide:
  • An evaluation of 3rd Party Vendor achievement of SLAs, the handling of incidents, reporting and service activations and deactivation
  • A list of required and currently performed 3rd Party Vendor services and obstacles to success
  • Recommended contract modifications
  • Create an outsource strategy that highlights IT functions that could be outsourced and those which are best kept in-house

Liaison for Audits and Assessments

Act as liaison for audits and assessments ensuring that the reporting is accurate and appropriate.

  • Provide oversight to audit and risk remediation efforts

How it Works

Towerwall’s vCISO offerings provide remote services across multiple organizations. It enables participants to share the costs and benefits and leverage the experience, skills, and business acumen of a virtual Chief Information Security Officer.

To start, select services from a list of offerings via a consensus process by enrolled organizations. vCISO-6: Requires a minimum of (6) enrolled organizations. vCISO-3: Requires a minimum of (3) enrolled organizations.

Sign Towerwall Statement of Work indicating agreement with the selected service offerings, specified deliverables, and associated hours and price.

Selecting Towerwall’s Consortium vCISO services will enable the you to:

  • Acquire information security and data privacy expertise in a more efficient and economical way
  • Work together to eliminate information security and compliance related project redundancies
  • Benefit from cost efficient price points for high value services
  • Leverage deliverables by all or some participants, based on the services selected.

Want to engage our vCISO Platform?