Gain Senior Level Security Professionals
at a Fraction of the Cost

For organizations with significant data security needs but limited staff capacity, a dedicated Towerwall senior consultant will perform the function of your Chief Information Security Officer (CISO). This Virtual CISO service is ideal for organizations looking to tap a seasoned expert without the full expense of bringing one on staff. Drawing on their previous experience as in-house CISOs, Towerwall vCISOs define data security strategies and manage implementation with your organization’s IT and junior-level security staff.

The personal relationship Towerwall extends is very reassuring. In data security it’s important to trust the integrity of your security professionals and we do. Towerwall is always there to educate us on new security trends and products to help protect our data.

- Ron Gove, IT Director, Long’s Jewelers

What We Do

The vCISO assigned to your company will be responsible for the following milestones and deliverables:

Expert Advisor

Serve as an expert advisor to senior management in the development, implementation, and maintenance of an information security infrastructure that ensures that security and privacy best practice control objectives are achieved for the organization.

Establish Security Roles and Responsibilities

Deliverables include:

  • Documented job descriptions
  • Assignment of roles to appropriate individuals
  • Implementation of an IT Security Steering Committee

Oversee Efforts

Oversee the effort to remediate critical Technical Controls Review findings. Deliverables include:

  • Project plans
  • Weekly Status Reports (Process Owners)
  • Project Completion Reports

Assess Technology

Assess technology procurement and implementation procedures. Deliverables include:

  • A formal process for product evaluation, procurement and implementation
  • Identification of point solutions and areas that function in silos
  • Establishment of bi-weekly IT Project Review Meetings

Activation, maintenance and oversight of Security Policies

Deliverables include:

  • Review, get management approval, and activate the Overarching Security Policy
  • Review and list security policies currently in place and those that need to be updated and or created

Establish Security Awareness Initiatives

Establish security awareness initiatives for IT management and staff.

  • Establish ownership for security awareness
  • Create a security awareness initiatives calendar of events
  • Implement one IT security awareness initiative

Oversee Vendors

Oversee 3rd Party vendor management practices. Deliverables include:

  • Create procedures and assign ownership for governing vendor contracts and SLAs
  • Review 3rd party vendor contract, services and SLAs and provide:
  • An evaluation of 3rd Party Vendor achievement of SLAs, the handling of incidents, reporting and service activations and deactivation
  • A list of required and currently performed 3rd Party Vendor services and obstacles to success
  • Recommended contract modifications
  • Create an outsource strategy that highlights IT functions that could be outsourced and those which are best kept in-house

Liaison for Audits and Assessments

Act as liaison for audits and assessments ensuring that the reporting is accurate and appropriate.

  • Provide oversight to audit and risk remediation efforts

Why Choose Virtual CISO

Virtual CISO is an ideal solution for:

Small / medium sized businesses that are required by legislation (MA 201 CMR 17, FISMA, HIPAA) or industry regulations (PCI) to have a named individual responsible to lead the security effort.

A Towerwall senior consultant with previous CISO experience will perform the function of CISO for your organization.  This service has been developed for organizations that do not have the experience on staff or would like to have a seasoned expert on staff without the full expense.  The services fits ideally with an organization that has IT and more junior level security staff and needs to have the strategy defined and implementation managed a high level.

With Virtual CISO you will gain a team of senior level security professionals at a fraction of the cost of an in house Information Security Officer.

Want to engage our Virtual CISO services?