authentic.it services profile v4.2
TRANSCRIPT
authentic.itt a k i n g I T f r o m g o o d t o g r e a t
The$Challenge
! Changing threat landscape! Limited resources! Limited skill sets! Limited appreciation of
Cyber Security within business! Limited or no visibility! Updated Privacy Laws with
Mandatory Reporting requirements
! Existing Services and Solutions are tactical
2
! Assessments are of high value at a point in time
! Managed Services ensure infrastructure and applications remain available
! with limited resources, businesses need to focus their energy on making wise decisions based of up to the minute security intelligence.
! They need to focus on Leadership as well as Management
SECURITY)LEADERSHIP
3
when we manage we plan, budget, organise and control
when we lead we create vision and strategy, establish culture, setting our sights
above the horizon
4
Leadership
Creating vision and strategy, keeping awareness on the horizon, utilising insights
from the current environment and collective outside knowledge to set a course for the continual protection of the confidentiality,
integrity and availability of information assets.
5
Security$Leadership
How$does$a$business$without$
dedicated$resources$find$
Security$Leadership?
Virtual$CISO
Chief$Information$Security$Officer
7
What$does$a$Virtual$CISO$do?
! Work$as$a$part$of$your$executive$ leadership$team,$providing$ advice$and$guidance$ on$addressing$the$confidentiality,$ integrity$and$availability$of$your$business$information;
! Providing$ Security$Leadership$on$the$evolving$ threat$landscape$and$its$applicability$ to$your$business;
! Develop$ Information$Security$Strategies,$Policies,$Standards$and$Guidelines$for$your$business;
! Leverage$Critical$Thinking$ and$Organisational$Change$ techniques$to$build$a$security$aware$
culture$throughout$ your$entire$organisation;
! Periodically$ assess$the$security$posture$of$your$business$against$business$risk$frameworks,$industry$standards$and$government$ regulation;
! Identify$ and$implement$the$technologies$ that$will$best$manage$and$mitigate$your$information$security$risk;
! Ensure$you$have$the$right$information$ collected$to$develop$ a$detailed$understanding$of$your$environment$and$apply$analytics$and$intelligence$practices$to$allow$you$to$detect$potential$
exploitation;$ and
! At$all$times,$working$closely$with$your$existing$IT$resources$or$external$service$providers.
8
How$do$you$engage$your$Virtual$CISO?
Packages
! The$first$step$in$securing$your$
business$couldn’t$be$easier
! Based$on$a$set$rate$and$specified$hours,$Virtual$CISO$packages$
provide$just$the$right$level$of$advice$and$direction$to$meet$both$your$budget$and$business$needs
! Have$an$executive$workshop$
facilitated,$ obtain$a$perspective$on$a$nagging$problem,$or$develop$a$business$case.
Scope$of$Work
! A$more$detailed$ issue,$cultural$
change$program,$or$implementation$of$security$strategy$may$be$better$suited$to$a$
Scope$of$Work$approach
! Together$we$will$define$the$scope,$the$expected$outcomes,$timing$and$business$value$you$need$for$
success
! We$will$then$establish$a$fixedOprice$agreement$to$complete$the$
engagement.$Of$course,$while$having$certainty$on$price,$you$will$also$have$the$flexibility$to$change$
the$scope$at$any$time$to$suit$your$changing$business$situation.
Virtual$CISO$Packages$
! AWARENESS
! $480*
! 3$Hours$Virtual$CISO$
! Can$include$phone$and$$email$contact,$security$
research$and$document$review
! ADVICE
! $900*
! 6$Hours$Virtual$CISO$
! Can$include$phone$and$$email$contact,$faceOtoOface$
meetings,$security$research$and$document$review
! FOUNDATION
! $1,450*
! 10$Hours$Virtual$CISO$
! Can$include$phone$and$$email$
contact,$faceOtoOface$meetings,$security$research$and$document$
review$or$preparation
! DEEPODIVE
! $3,450*
! 25$Hours$Virtual$CISO$
! Can$include$phone$and$$email$contact,$ faceOtoOface$
meetings,$security$research$and$strategy$preparation
* Excludes$GST.$Conditions$Apply
Additional$Security$Advisory$Services
! Assessment
! Security$Technology$review$and$recommendation
! Security$Project$Management
! Analytics$and$Intelligence
Engage$in$a$way$that$best$suits$you
! There$are$many$ways$in$which$you$can$interact$with$your$
Virtual$CISO
Phone Schedule$phone$ calls$or$teleconferences
Email Email$contact$to$and$from$your$Virtual$CISO
Web$Conference$ Schedule$Web$Conferences$providing$ voice, video$and$content$sharing
Onsite Meetings FaceOtoOface$meetings with$you$and$your$team
Workshops Facilitated$workshops$to$build$ awareness,$set$direction,$train$or$solve$problems
Offsite$Research Investigation$ into$general$security$issues,$or$specific$to challenges$ in$your$
business.
Document$
Review
Have$security$plans,$strategies,$technology$ proposals$and$more$reviewed$for$
business$fit
Document$
Development
Develop$ plans,$strategies,$requirements, request$for$proposals$and$other$
security$related$outputs
Need$to$recreate$TAG$Cloud