Virtual CSO

Our executives & specialists become part of your team, providing the hard to find and difficult to afford expertise and experience that your security program needs for success at a fraction of the cost of employing such a team full-time.

Virtual Cyber Security Office (vCSO)

Why Organizations Need vCSO

You share many of the complexities and risks of larger firms but with fewer resources. Keeping up with accelerating threats and executing best practices in technology, process, personnel, and policies requires a hard-to-find executive with a team of specialized experts that are unaffordable as full-time hires. vCSO gives you on-demand access to seasoned executives and specialists.

How vCSO Benefits Organizations

Our seasoned executives and subject matter experts provide what you need at a fraction of the cost of employing such personnel full-time. They ensure that you make the most of your lean resources, steering you away from over-hyped, under-performing offerings, for example.

How vCSO Serves Organizations

We assess your needs, develop a roadmap to achieve best practices, help implement your security program, craft metrics that monitor its value, and periodically test everything. We work with you as to how best to use your allocated hours per month.

We are Where You Need Us, When You Need Us

  • Briefing your board
  • Guiding your governance team
  • Optimizing budget plans
  • Reporting at staff meetings
  • Responding to regulators
  • Evaluating security products
  • Conducting assessments
  • Remediating security holes
  • Leading incident responses

Tangible Security's vCSO service provides:

  • Security program assessment
  • Security program roadmap planning
  • Independent and objective view of risk, compliance and security posture
  • Experienced senior security manager; avoids costly mistakes
  • C-level presentation skills on current and future cyber security initiatives
  • Virtual attendance to meetings, physical attendance as required
  • Cybersecurity interface with regulators, banks, partners and customers
  • Evaluation and recommendation of security products & technologies
  • Governance, Risk Management & Compliance (GRC) program oversight
  • Assistance with development and maintenance of:
    • Cybersecurity policies, processes and controls
    • Business Continuity and Disaster Recovery plans
    • Security Awareness Training program for employees
    • Third-party vendor security compliance program
  • Access to Allen Harper
    • EVP and Chief Hacker at Tangible Security
    • Lead Author of Gray Hat Hacking, the Ethical Hackers Handbook, 4th Edition
  • Coordination of security breach and incident investigations
  • Cybersecurity compliance expertise with:
    • Health Insurance Portability & Accountability Act (HIPAA / HITECH)
    • Sarbanes-Oxley Act (SOX)
    • Payment Card Industry (PCI Data Security Standards)
    • Gramm-Leach-Bliley Act (GLBA)
    • Federal Information Security Management Act (FISMA)
    • Family Educational Rights and Privacy Act (FERPA)
    • EU Data Privacy and Safe Harbor
  • Assistance with security engineering to include secure software development or any company project that may require security input, for example,
  • Network changes, mergers, system upgrades, web site changes, etc.
  • Access to secure client portal, including:
    • Latest security news
    • Recommendations & best practices
    • Support ticket entry and tracking