Virtual CISO Services

Powered By Seasoned Experts.

CyberHunter’s Virtual Chief Information Security Officer (vCISO) program is specifically designed for small and medium-sized businesses. Whether it is a long- or short-term engagement, we are here to help you easily and cost-effectively get through the challenges of day-to-day cyber security and/or compliance issues.


vCISO Services & Your Security Posture

The overall goal of the CyberHunter vCISO program is to improve your overall cyber security posture and produce a workable, balanced plan that can be successfully implemented and communicated effectively to the management team.

Security Posture

A cyber security posture relates to the security status of an enterprise’s networks, information, and systems based on information security resources (e.g., people, hardware, software, policies) and capabilities in place to manage the defense of the enterprise and to react as the situation changes.

In other words, your specific posture will indicate how healthy or resilient your organization is when it comes to cyber security, and how well it can defend itself against cyber attacks, breaches, and intrusions. Defining your cyber security posture is important because it will guide your entire strategy, prioritize your security projects, and influence your cyber security spending throughout the years.

What is Your Cyber Security Maturity Level?

Low Maturity

Organizations with a LOW cyber security maturity level typically have weak digital defenses. They are at high risk and need significant improvement in several ways to strengthen their overall cybersecurity posture and protect their mission-critical assets against breaches and intrusions.

Medium Maturity

Organizations with a MEDIUM cyber security maturity level typically have average cybersecurity defenses. They have taken several steps toward securing their mission-critical assets, but they are still at risk and there is still considerable room for improvement.

High Maturity

Organizations with a HIGH cyber security maturity level typically have strong cybersecurity defenses. They have implemented the necessary strategies, processes and procedures to optimize their cybersecurity posture, are aware of their critical assets and can face security incidents with confidence and preparedness. Most small to medium businesses (and even large enterprise) fall into the category of LOW or

Cyber Security Assessment

The following is a brief overview of the steps involved in the initial cyber security assessment and risk analysis process:

Step 1

During Step 1 (Defining the Scope & Scheduling Sessions), CyberHunter will work with the organization to determine which information assets to include in the evaluation. The organization will also identify business owners and technical stewards who will provide evidence and interviews to evaluate those assets. The risk assessor will then schedule interview sessions with those owners and stewards.

Step 2

In Step 2 (Defining Risk Assessment Criteria), CyberHunter will work with the organization to define the rules by which they assess and score risks. They will define their mission (the value they bring to others) and their obligations (the potential for harm against others) to establish what they are trying to protect. CyberHunter will then define scoring schemas to be used for impact and likelihood estimation.

Step 3

In Step 3 (Defining Risk Acceptance Criteria), the organization’s risk tolerance will be established by selecting a combination of likelihood and impact that would be tolerable to all parties (the organization and parties that may be harmed by realized risks).

Step 4

In Step 4 (Risk Evaluation) the CyberHunter assessor will evaluate the risks of the information assets and estimate the likelihood and impact of each of the identified risks. The goal is to determine whether the current implementations of cyber security controls are already reasonable (or not). For some organizations, the analysis may include the following activities:

Step 5

During Step 5 (Propose Safeguards) CyberHunter will research and consider how best to address any gaps and identified unreasonable risks by recommending cyber security controls that should be implemented to address each risk, and specifically how the controls will be implemented. These safeguards may include security devices, physical safeguards, training, oversight processes, or other methods.

Conclusion

The Gathering of Evidence involves a review of documents, such as policies, procedures, standards, and benchmarks. It includes interviews with management and personnel. Evidence gathering also entails observation of configurations, facilities, records, and work processes to determine whether they operate in secure or vulnerable ways. Certain organizations may also consider having CyberHunter review the configurations of controls and look for evidence of their effectiveness. Vulnerability scanners, penetration tests and configuration scanners using SCAP policies may provide efficient analysis of technical systems to assist in this analysis.

Putting It All Together - Your Cyber Security Roadmap

Once the overall information gathering, modeling, evaluation and analysis has been performed, a roadmap shall be created by the CyberHunter team. This will be a clear and concise “C-Level executive” presentation that discusses a balanced approach to improving the overall security posture of the organization within reasonable timelines.

 


Ongoing Security Posture Improvement

As we all know, an organization’s critical assets change constantly, much like a living, breathing entity. Data grows, changes and disperses across multiple devices and locations (e.g. mobile device or cloud). It is constantly being accessed by new people and partners with new hardware, new software and even in new ways. On top of these changes, the threat landscape is evolving extremely rapidly. As such, it is important to understand that cyber security frameworks, policies, procedures and controls also need to adjust to these dynamic factors. Recommendations made today may not be sufficient for tomorrow.

If the organization is interested in continuous growth, a CyberHunter vCISO partnership will provide regular guidance, ongoing risk identification and analysis, as well as reportable, trackable measurement for delivery to boards and C-Level executives on a quarterly basis.

vCISO Service Pricing

All virtual CISO service plans include an initial kickoff meeting, either via video conference or face to face. The kickoff meeting can be customer-issue-focused (e.g. we need an incident response plan, or we need architectural guidance on our new application), or we can follow a foundational interview and audit process that allows CyberHunter to gain a comprehensive understanding of the network environment, critical assets, sensitive data, security technologies in place, processes and methodologies used by the cyber security arm of the organization, etc. If the below packages do not meet your needs, clients may choose to construct a custom plan that contains specific services to achieve a specific corporate objective.


Additional CyberHunter Services

• Manual Penetration Testing (web application, network)
• Automated Vulnerability Management Programs
• Anti-Phishing / Ransomware Protection for Email
• Anti-Phishing / Ransomware Protection for Web Browsing
• Rogue Device Detection / Prevention (Windows OS)
• Threat Hunting as a Service
• Infrastructure Logging and Monitoring Services
• Certified Forensic Analyst / Chain of Custody Services
• Web Application Firewall Service