CyberHoot vCISO Offering

Cybersecurity help is hard to find but desperately needed by SMBs and MSPs. Enter CyberHoot's Virtual Chief Information Security Officer (vCISO) which provides cybersecurity program development and consulting services to you for a fraction of the cost of hiring.

CyberHoot Professional Services

Defense-in-Depth Security Program

Each vCISO engagement starts with a risk assessment yielding a prioritized list of risks. CyberHoot provides solutions and assistance you need to mitigate your risks. Our minimum essential approach ensures we spend your time and money like it's our own. The result is a defense-in-depth, effective, right-sized cybersecurity program that secures your company from today's threats.

PHASE 1

Risk Assessment, Risk Treatment, and Remediation

vCISO Lite

Most companies need to start quickly. CyberHoot's vCISO Lite program performs a quick Risk Assessment tied to automatic prescriptions, and detailed tasks to mitigate your largest risks fast.

vCISO Pro

Mature companies use vCISO Pro for a detailed risk assessment, greater depth of probing, teasing out common and uncommon risks to your operations, brand, and company.

Both result in a prioritized list of risks and remedies designed to thwart hackers from compromising your business, your data, and your livelihood.  CyberHoot's programs are right-sized for your specific company needs.

PHASE 2

Planning and Execution

In phase 2, the Risk Registry is reviewed. Risks are codified, owners identified, timelines set, investments decided, and acceptable outcomes determined. Additionally, governance policies are created and sent to employees for review and acceptance.

PHASE 3

Risk Remediation

With your vCISO guiding you and your IT resources, a prioritized list of security risks are remediation in Phase 3.  This can take 3 to 6 months minimum and often takes upwards of a year to 18 months to eliminate technical debt, make IT investments, and complete projects from your risk registry.  Your vCISO stands beside you all along the way to ensure positive outcomes that are robust and secure.

Incident Response Process
PHASE 4

Run and Maintain Mode

Clients engage their vCISO for many things in Phase 4 such as completing cyberinsurance questionnaires, answering cybersecurity questions, drafting your Security Brief, and handling cybersecurity incidents.

Incident Handling

Having your vCISO manage a security incident from the start through conclusion and Root Cause Analysis (RCA) ensures the best possible outcome during a difficult time in a business’s life. The 4 sections defined below outline the vCISO process you can expect from CyberHoot.

Preparation (before an incident)

01

Before incidents occur, the vCISO builds incident response processes and secures approval from all stakeholders on this document.

Detection (at start of potential incident)

02

Incident discovery comes from many places, once detected, analysis is performed to confirm or refute an event.

Incident Handling (during incident)

03

vCISO leads containment, eradication, recovery, and revision efforts from start to finish.

Root Cause Analysis (RCA) (after incident)

04

Follow-up meeting to discuss what happened, why, and how to avoid a repeat, identify key opportunities for improvement, single points of failure, documentation gaps, etc…

Vulnerability Alert Management Process (VAMP)

Creating a repeatable process with agreed upon timelines for reacting to and mitigating a new and critical vulnerability is the key to success and protecting you from the following statistic: Of 317 SMB’s surveyed the 25% that reported being breached concluded that 80% of their breaches were due to missing patches from 1 month to 1 year in age.  (Voke Research)

Create a VAMP Process Document

Your vCISO will bring a tried and true rating system to vulnerabilities and codify it for clients to establish guidelines for responding to a new issue.

Monitor for Alerts

Vendors release patches all the time. 3-4 times a decade there is a confirmed “drop everything” alert that requires immediate attention. Dozens of times a year, tour vCISO reacts to a potential “Drop everything” event to see if they need to pull the VAMP Fire Alarm drive and guide a response. 9 out of 10 times the issue is not that critical.

Research Mitigating Controls

Many vulnerabilities have mitigating controls that can be more easily implemented than patching and rebooting servers.  Your vCISO will seek these out and report on them when available.  For example: July 2020, a Sev 1 DNS risk was announced with a patch from Microsoft. A Registry Tweak provided immediate protection without patching and was recommended by CyberHoot vCISOs.

Validate Compliance

Various IT providers will say, "We patched everything for this vulnerability”. To them everything is what is known in the asset management database. Lost machines, abandoned machines, strange machines you didn’t realize run that OS can all lead to disaster.

Security Program Risk Reduction Over Time

vCISO Lite vs Pro comparison of features

Task

vCISO Lite

vCISO Pro

Kick-off Meeting

Basic Risk Assessment

Incident Response 24x7x365

Risk Registry

CyberHoot Cybersecurity Awareness Training

Dark Web Monitoring and Reporting

Awareness Training Compliance Reporting

Quarterly Phish Testing

Cybersecurity Bulletins, Advisories, Newsletters

Standard Cybersecurity Governance Policies

Cybersecurity Administrative Processes

Ad Hoc Cybersecurity Consulting

Cybersecurity Questionnaire Completion

Advanced Industry Specific Risk Assessment

Cell

Cybersecurity Roadmap Tracking and Reporting

Cell

Customized and On Demand Awareness Training

Cell

Company "Cybersecurity Brief"

Cell

Cybersecurity Incident Summary +Improvement Opp.

Cell

Cybersecurity Product Training

Cell

Cybersecurity Client Administration Option

Cell

Custom Phish Testing Schedules & Reporting

Cell

Customized Cybersecurity Governance Policies

Cell

Customized Cybersecurity Administrative Processes

Cell

On-boarding and Off-Boarding Artifacts

Cell

Software-as-a-Service Tracking and Assessment

Cell

3rd Party Risk Management

Cell

Cybersecurity Metrics Program of Board and C-Suite

Cell

Project Consulting for Cybersecurity Implications

Cell

Senior Cybersecurity Resource assignment

Cell

Annual Cybersecurity Awareness Training Webinar

Cell

Learn more about CyberHoot vCISO!