CISO Support as a Service
Executive level CISO expertise for your organization’s cybersecurity posture
Every organization today has to be prepared for a cybersecurity attack that could cripple, or even destroy their organization. News stories arise regularly of the most current breach or the loss of operations due to a breach, ransomware, or malware attack. As a result, organizations are spending more of their operational budgets on cybersecurity to address this growing threat.
Many organizations face these challenges in developing their cybersecurity program:
- establishing a full security program is expensive
- the talent to execute the program is hard to find
- the need for external information such as threat management is difficult to navigate
Evolver, a leading provider of cybersecurity services to commercial, legal and federal clients, answers these cyber challenges through our Chief Information Security Officer (CISO) Support Services. While some information technology companies call this service “virtual CISO,” Evolver’s Support as a Service offering is a more comprehensive, deeper offering with a delivery that does not at all feel “virtual” to the client.
Who needs CISO support?
Organizations with a CISO that need added services to implement their cybersecurity strategy
Organizations without a CISO that require a part time CISO and the right sized associated services
CISO Support Offerings
Evolver provides CISO Support services around a number of defined offerings. Our full range of services meets the needs of all size organizations, from start up to Fortune 500 companies through a series of offerings that can be provided as stand alone or in combination to meet the client’s needs.
Senior Level CISO
We provide the staff to fulfill the CISO role for our clients. Our senior leaders hold certifications, such as CISSP, and have extensive experience in CISO related positions.
CISO Consulting and Establishment
Evolver provides support to companies that are just establishing a CISO position and function with consulting services that allow for a logical, and cost effective transition program.
Policy and Control Documentation
Evolver has extensive experience developing security documentation that fulfills major standards organizations (ISO, NIST, etc.) and we have staff available to work closely with the client to develop the right policy for the client the following areas:
- Access Control
- Awareness and Training
- Audit and Accountability
- Security Assessment and Authorization
- Configuration Management
- Contingency Planning
- Identification and Authentication
- Incident Response
- Media Protection
- Physical and Environmental Protection
- Personnel Security
- Risk Assessment
- System and Services Acquisition
- System and Communications Protection
- System and Information Integrity
Audit and Assessment Support Services
Evolver provides full audit and assessment support service programs, including:
Objective 1: Penetration Audit
Objective 2: Social Engineering
Objective 3: Security Strategy and Systems
Objective 4: Network Technology
Objective 5: General Network Topology
Objective 6: Connections to External Partners
Objective 7: Inbound and Outbound Remote Access Strategy
Objective 8: Security Policies
Objective 9: Virus Protection
Objective 10: Physical Security
Objective 11: Application Control Vulnerabilities
Objective 12: Application Control Vulnerabilities – Enterprise Systems
Objective 13: Data Back-up and Recovery