CyberHoot vCISO Offering
Cybersecurity help is hard to find but desperately needed by SMBs and MSPs. Enter CyberHoot's Virtual Chief Information Security Officer (vCISO) which provides cybersecurity program development and consulting services to you for a fraction of the cost of hiring.
Defense-in-Depth Security Program
Each vCISO engagement starts with a risk assessment yielding a prioritized list of risks. CyberHoot provides solutions and assistance you need to mitigate your risks. Our minimum essential approach ensures we spend your time and money like it's our own. The result is a defense-in-depth, effective, right-sized cybersecurity program that secures your company from today's threats.
Risk Assessment, Risk Treatment, and Remediation
vCISO Lite
Most companies need to start quickly. CyberHoot's vCISO Lite program performs a quick Risk Assessment tied to automatic prescriptions, and detailed tasks to mitigate your largest risks fast.
vCISO Pro
Mature companies use vCISO Pro for a detailed risk assessment, greater depth of probing, teasing out common and uncommon risks to your operations, brand, and company.
Both result in a prioritized list of risks and remedies designed to thwart hackers from compromising your business, your data, and your livelihood. CyberHoot's programs are right-sized for your specific company needs.
Planning and Execution
In phase 2, the Risk Registry is reviewed. Risks are codified, owners identified, timelines set, investments decided, and acceptable outcomes determined. Additionally, governance policies are created and sent to employees for review and acceptance.
Risk Remediation
With your vCISO guiding you and your IT resources, a prioritized list of security risks are remediation in Phase 3. This can take 3 to 6 months minimum and often takes upwards of a year to 18 months to eliminate technical debt, make IT investments, and complete projects from your risk registry. Your vCISO stands beside you all along the way to ensure positive outcomes that are robust and secure.
Run and Maintain Mode
Clients engage their vCISO for many things in Phase 4 such as completing cyberinsurance questionnaires, answering cybersecurity questions, drafting your Security Brief, and handling cybersecurity incidents.
Incident Handling
Having your vCISO manage a security incident from the start through conclusion and Root Cause Analysis (RCA) ensures the best possible outcome during a difficult time in a business’s life. The 4 sections defined below outline the vCISO process you can expect from CyberHoot.
Preparation (before an incident)
Before incidents occur, the vCISO builds incident response processes and secures approval from all stakeholders on this document.
Detection (at start of potential incident)
Incident discovery comes from many places, once detected, analysis is performed to confirm or refute an event.
Incident Handling (during incident)
vCISO leads containment, eradication, recovery, and revision efforts from start to finish.
Root Cause Analysis (RCA) (after incident)
Follow-up meeting to discuss what happened, why, and how to avoid a repeat, identify key opportunities for improvement, single points of failure, documentation gaps, etc…
Vulnerability Alert Management Process (VAMP)
Creating a repeatable process with agreed upon timelines for reacting to and mitigating a new and critical vulnerability is the key to success and protecting you from the following statistic: Of 317 SMB’s surveyed the 25% that reported being breached concluded that 80% of their breaches were due to missing patches from 1 month to 1 year in age. (Voke Research)
Create a VAMP Process Document
Your vCISO will bring a tried and true rating system to vulnerabilities and codify it for clients to establish guidelines for responding to a new issue.
Monitor for Alerts
Vendors release patches all the time. 3-4 times a decade there is a confirmed “drop everything” alert that requires immediate attention. Dozens of times a year, tour vCISO reacts to a potential “Drop everything” event to see if they need to pull the VAMP Fire Alarm drive and guide a response. 9 out of 10 times the issue is not that critical.
Research Mitigating Controls
Many vulnerabilities have mitigating controls that can be more easily implemented than patching and rebooting servers. Your vCISO will seek these out and report on them when available. For example: July 2020, a Sev 1 DNS risk was announced with a patch from Microsoft. A Registry Tweak provided immediate protection without patching and was recommended by CyberHoot vCISOs.
Validate Compliance
Various IT providers will say, "We patched everything for this vulnerability”. To them everything is what is known in the asset management database. Lost machines, abandoned machines, strange machines you didn’t realize run that OS can all lead to disaster.
vCISO Lite vs Pro comparison of features
Task | vCISO Lite | vCISO Pro |
|---|---|---|
Kick-off Meeting | ||
Basic Risk Assessment | ||
Incident Response 24x7x365 | ||
Risk Registry | ||
CyberHoot Cybersecurity Awareness Training | ||
Dark Web Monitoring and Reporting | ||
Awareness Training Compliance Reporting | ||
Quarterly Phish Testing | ||
Cybersecurity Bulletins, Advisories, Newsletters | ||
Standard Cybersecurity Governance Policies | ||
Cybersecurity Administrative Processes | ||
Ad Hoc Cybersecurity Consulting | ||
Cybersecurity Questionnaire Completion | ||
Advanced Industry Specific Risk Assessment | Cell | |
Cybersecurity Roadmap Tracking and Reporting | Cell | |
Customized and On Demand Awareness Training | Cell | |
Company "Cybersecurity Brief" | Cell | |
Cybersecurity Incident Summary +Improvement Opp. | Cell | |
Cybersecurity Product Training | Cell | |
Cybersecurity Client Administration Option | Cell | |
Custom Phish Testing Schedules & Reporting | Cell | |
Customized Cybersecurity Governance Policies | Cell | |
Customized Cybersecurity Administrative Processes | Cell | |
On-boarding and Off-Boarding Artifacts | Cell | |
Software-as-a-Service Tracking and Assessment | Cell | |
3rd Party Risk Management | Cell | |
Cybersecurity Metrics Program of Board and C-Suite | Cell | |
Project Consulting for Cybersecurity Implications | Cell | |
Senior Cybersecurity Resource assignment | Cell | |
Annual Cybersecurity Awareness Training Webinar | Cell |