I'm a Wisconsin-based CISO / vCISO consultant. I work remotely from Milwaukee in cybersecurity. I'm often asked:What is a CISO / vCISO?
The Chief Information Security Officer (CISO) or "virtual" (vCISO) is a security executive consultant responsible for an organization's information security strategy, security operations and compliance, and the overall data security (and maybe privacy) of the company. The vCISO offers their time and insight to an organization on an ongoing 'per hour' basis, usually part-time and the work completed remotely with minor onsite visits. The vCISO generally works with and establishes a trust relationship with the small / medium business's founder and other key stakeholders to provide assurances that the company's assets are safe.
They're usually engaged to design the organization's security strategy, and some may manage the implementation. Beyond Policies and Procedures. vCISO's focus on topics such as Security Operations, Cyber Risk, Incident Commander, Data loss and Fraud Prevention, Security Architecture, Identity and Access Management. The real answer is anything thrown at the vCISO. :)
Need a vCISO leader? ;) Contact me!