Description of Service Offerings

YourCISO services are offered in a variety of delivery models based on your specific needs. All services are fulfilled by seasoned, senior-level security professionals. The objective of our YourCISO service is to assist clients with the planning and management of their information security and risk management programs, to respond to security incidents as thoroughly and inexpensively as possible, and to teach clients how to become ‘security’ self-sufficient. Service categories include:

Security consultant engagements: This service provides project-specific consulting priced on a pre-planned fixed-price or time-and-materials basis, and is usually the best option for the following engagements:

  • Information security gap analysis to determine compliance with regulations/best practice
  • Data breach response analysis and mitigation
  • Acting CISO while searching for the right full-time candidate
  • Project leader to establish security program function, policies and procedures
  • Subject matter expert for a specific security initiative
  • Threat data analysis and security control selections
  • Network and physical security vulnerability assessments and mitigation plans
  • Security awareness training program
  • Annual risk assessments and improvement plans
  • Business continuity and disaster recovery planning
  • Certification project management, such as ISO 27001, PCI, HIPAA, SOX

YourCISO subscription service: This service is aimed at helping small and medium-sized businesses by providing the right expertise on an as-needed basis to address the absence of an on-board security professional. The service is based on the premise that the information security advice and expert services needed by small and medium-sized businesses should be readily available without concern about unbudgeted costs.

If you think our subscription YourCISO service is right for you, please contact sales@riskbasedsecurity.com