CyberHoot vCISO Offering

Cybersecurity help is hard to find but desperately needed by SMBs and MSPs. Enter CyberHoot's Virtual Chief Information Security Officer (vCISO) which provides cybersecurity program development and consulting services to you for a fraction of the cost of hiring.

CyberHoot Professional Services

Defense-in-Depth Security Program

Each vCISO engagement starts with a risk assessment yielding a prioritized list of risks. CyberHoot provides solutions and assistance you need to mitigate your risks. Our minimum essential approach ensures we spend your time and money like it's our own. The result is a defense-in-depth, effective, right-sized cybersecurity program that secures your company from today's threats.


Risk Assessment, Risk Treatment, and Remediation

vCISO Lite

Most companies need to start quickly. CyberHoot's vCISO Lite program performs a quick Risk Assessment tied to automatic prescriptions, and detailed tasks to mitigate your largest risks fast.


Mature companies use vCISO Pro for a detailed risk assessment, greater depth of probing, teasing out common and uncommon risks to your operations, brand, and company.

Both result in a prioritized list of risks and remedies designed to thwart hackers from compromising your business, your data, and your livelihood.  CyberHoot's programs are right-sized for your specific company needs.


Planning and Execution

In phase 2, the Risk Registry is reviewed. Risks are codified, owners identified, timelines set, investments decided, and acceptable outcomes determined. Additionally, governance policies are created and sent to employees for review and acceptance.


Risk Remediation

With your vCISO guiding you and your IT resources, a prioritized list of security risks are remediation in Phase 3.  This can take 3 to 6 months minimum and often takes upwards of a year to 18 months to eliminate technical debt, make IT investments, and complete projects from your risk registry.  Your vCISO stands beside you all along the way to ensure positive outcomes that are robust and secure.

Incident Response Process

Run and Maintain Mode

Clients engage their vCISO for many things in Phase 4 such as completing cyberinsurance questionnaires, answering cybersecurity questions, drafting your Security Brief, and handling cybersecurity incidents.

Incident Handling

Having your vCISO manage a security incident from the start through conclusion and Root Cause Analysis (RCA) ensures the best possible outcome during a difficult time in a business’s life. The 4 sections defined below outline the vCISO process you can expect from CyberHoot.

Preparation (before an incident)


Before incidents occur, the vCISO builds incident response processes and secures approval from all stakeholders on this document.

Detection (at start of potential incident)


Incident discovery comes from many places, once detected, analysis is performed to confirm or refute an event.

Incident Handling (during incident)


vCISO leads containment, eradication, recovery, and revision efforts from start to finish.

Root Cause Analysis (RCA) (after incident)


Follow-up meeting to discuss what happened, why, and how to avoid a repeat, identify key opportunities for improvement, single points of failure, documentation gaps, etc…

Vulnerability Alert Management Process (VAMP)

Creating a repeatable process with agreed upon timelines for reacting to and mitigating a new and critical vulnerability is the key to success and protecting you from the following statistic: Of 317 SMB’s surveyed the 25% that reported being breached concluded that 80% of their breaches were due to missing patches from 1 month to 1 year in age.  (Voke Research)

Create a VAMP Process Document

Your vCISO will bring a tried and true rating system to vulnerabilities and codify it for clients to establish guidelines for responding to a new issue.

Monitor for Alerts

Vendors release patches all the time. 3-4 times a decade there is a confirmed “drop everything” alert that requires immediate attention. Dozens of times a year, tour vCISO reacts to a potential “Drop everything” event to see if they need to pull the VAMP Fire Alarm drive and guide a response. 9 out of 10 times the issue is not that critical.

Research Mitigating Controls

Many vulnerabilities have mitigating controls that can be more easily implemented than patching and rebooting servers.  Your vCISO will seek these out and report on them when available.  For example: July 2020, a Sev 1 DNS risk was announced with a patch from Microsoft. A Registry Tweak provided immediate protection without patching and was recommended by CyberHoot vCISOs.

Validate Compliance

Various IT providers will say, "We patched everything for this vulnerability”. To them everything is what is known in the asset management database. Lost machines, abandoned machines, strange machines you didn’t realize run that OS can all lead to disaster.

Security Program Risk Reduction Over Time

vCISO Lite vs Pro comparison of features


vCISO Lite


Kick-off Meeting

Basic Risk Assessment

Incident Response 24x7x365

Risk Registry

CyberHoot Cybersecurity Awareness Training

Dark Web Monitoring and Reporting

Awareness Training Compliance Reporting

Quarterly Phish Testing

Cybersecurity Bulletins, Advisories, Newsletters

Standard Cybersecurity Governance Policies

Cybersecurity Administrative Processes

Ad Hoc Cybersecurity Consulting

Cybersecurity Questionnaire Completion

Advanced Industry Specific Risk Assessment


Cybersecurity Roadmap Tracking and Reporting


Customized and On Demand Awareness Training


Company "Cybersecurity Brief"


Cybersecurity Incident Summary +Improvement Opp.


Cybersecurity Product Training


Cybersecurity Client Administration Option


Custom Phish Testing Schedules & Reporting


Customized Cybersecurity Governance Policies


Customized Cybersecurity Administrative Processes


On-boarding and Off-Boarding Artifacts


Software-as-a-Service Tracking and Assessment


3rd Party Risk Management


Cybersecurity Metrics Program of Board and C-Suite


Project Consulting for Cybersecurity Implications


Senior Cybersecurity Resource assignment


Annual Cybersecurity Awareness Training Webinar


Learn more about CyberHoot vCISO!