IT Solutions Provider OneNeck Introduces Virtual CISO Service
OneNeck IT Solutions has launched a virtual Chief Information Security Officer (vCISO) service to help businesses speed up the process of finding and hiring a CISO.
OneNeck’s vCISO service leverages a four-step approach to help businesses address cyber threats:
- Determine Current State: Assesses the current state of a company’s cybersecurity efforts based on regulatory requirements, risk tolerance, security solutions and other factors.
- Create a Cybersecurity Strategy: Develops a risk-based security methodology based on the current state of a company’s cybersecurity efforts.
- Establish an Action Plan: Produces an action plan based on a company’s risk exposure, vertical and team dynamics and a methodology for continual testing and improvement.
- Determine the Next Steps: OneNeck provides infrastructure and application security, identity and access management (IAM) and other security services to help businesses continuously combat cyber threats.
OneNeck’s vCISO service delivers multi-layered protection against cyberattacks, the company indicated. The service also provides businesses with insights into their security posture and eliminates the costs commonly associated with finding and hiring a CISO.
vCISO services are, in some ways, a natural follow-on to vCIO services that have surfaced in the traditional MSP market for SMB customers the past decade or so. Training and coaching organizations like TruMethods have helped MSPs to build the vCIO services.
Still, vCISO services aren’t for the faint of heart. MSPs that promote such services need deep cybersecurity skills, and they must also frame customer contracts in a way to minimize potential liabilities should the customer suffer a cyber breach or other type of cyber setback.
Cylance Launches vCISO Service
In addition to OneNeck, threat detection and prevention solutions company Cylance in December launched a vCISO service.
Cylance’s vCISO service provides technology and security resources to support security architecture and augment an organization’s security staff, the company said. It also helps organizations manage their everyday security needs and meet common security standards, frameworks and compliance regulations.
Additional insights from Joe Panettieri.