Compliance and policy strategy. It’s hard times out there! Does your organization need to have a Chief Information Security Officer or Chief Security Officer to meet regulatory or policy obligations? Is your CISO on leave, or is your organization between CSOs at the moment? Why not let MSI handle these obligations for you for a fraction of the cost of hiring full time personnel?
Through our Virtual CISO/CSO offering, MSI will perform any or all of the duties a CISO or CSO would normally undertake. Here are some examples of what MSI can do for you:
- Review any part or all of your organization’s information security program for compliance with regulation, standards and policy, then, if needed, develop a road map and strategy for bringing your security situation into line with requirements
- Present your security posture and plans for the future to your organization’s Board of Directors or other concerned bodies such as government regulators
- Assess the information security skills of your IT department personnel and develop a program of education and cross training designed to provide them with skills necessary to protect your private information in the increasingly dangerous computer processing climate of today
- Handle your organizations vendor management program. MSI will validate, track and maintain your organization’s relationships with third party service providers and vendors
- Develop and monitor your organization’s multi-media information security and awareness program
- Review your organization’s written information security program, then, if needed, develop a road map and strategy for bringing your written information security program in line with requirements
- Develop and monitor your organization’s threat monitoring and risk assessment program
- Review or develop your organization’s information security incident response program
- Develop and train your organization’s information security incident response team
- Review and monitor your organization’s business continuity/disaster recovery program to ensure the adequacy and security of the program
- Review or monitor your organization’s network security program including system and event monitoring, network segmentation and enclaving, access control and authorization processes, egress filtering, anomaly detection, privilege control, and more
Pick your own service! Don’t see the service you need in the list above? MSI will work with you to provide the information security service you need!