SlideShare a Scribd company logo

VIRTUAL CISO AND OTHER KEY CYBER ROLES

A look at what is a Virtual CISO and which cyber security roles you may want to consider setting up in your organisation

VIRTUAL CISO AND OTHER KEY CYBER ROLES

1 of 10
Download to read offline
VIRTUAL CISO
AND OTHER SECURITY ROLES OVERVIEW
VERSION: 1.4a
DATE: 26/03/2019
AUTHOR: SYLVAIN MARTINEZ
REFERENCE: ES-INTERNAL
CLASSIFICATION: PUBLIC
2
• Context • Virtual CISO role
overview;
• Virtual CISO Role
Scope;
• Core cyber security
roles overview;
• Training and career
plan strategy;
• Training and career
plan example.
CONTENTS
PUBLIC
NEXT STEPS
TRAINING &
CAREER
OTHER ROLESVCISOCONTEXT
• Next Steps Objectives.
CONTEXT
NEXT STEPS
TRAINING &
CAREER
OTHER ROLESVCISOCONTEXT
3PUBLIC
THIS DOCUMENT WAS CREATED WITH THE MAURITIUS MARKET IN MIND, HOWEVER
IT CAN BE RELEVANT TO MOST PARTS OF THE WORLD, ESPECIALLY WHEN IT COMES TO
SMALL AND MEDIUM ENTERPRISES.
MAJOR CYBER SECURITY CHALLENGES INCLUDE DECIDING WHAT ACTIVITIES TO
PRIORITISE, WHERE TO START, HOW TO DELIVER VARIOUS CYBER SECURITY PROJECTS
AND PROGRAMS AS WELL AS KNOWING WHAT IS BEST FOR THE PROFILE OF THE
COMPANY.
RECRUITING CYBER SECURITY STAFF WITH A LOT OF EXPERTISE IS DIFFICULT TO FIND
AND OFTEN AT A HIGH PRICE. ONE SOLUTION IS TO TURN TO
EXTERNAL/OUTSOURCED CONSULTANTS TO PROVIDE CYBER SECURITY EXPERTISE
AND GROW INTERNAL EXPERTISE IN PARALLEL.
MANY COMPANIES DO NOT HAVE DEDICATED SECURITY TEAMS/STAFF OR ONLY
OPERATE WITH A LIMITED SECURITY TEAM BOTH IN TERMS OF NUMBER AND
EXPERTISE.
All icons from the NOUN project unless specified otherwise
VIRTUAL CISO ROLE OVERVIEW
NEXT STEPS
TRAINING &
CAREER
OTHER ROLESVCISOCONTEXT
4PUBLIC
THE ROLE OF A CHIEF INFORMATION SECURITY OFFICER (CISO) IS TO BE RESPONSIBLE
FOR THE COMPANY'S OVERALL CYBER SECURITY EFFORTS: STRATEGY, ROADMAPS,
TECHNOLOGY CHOICES, SECURITY BUDGET, SECURITY STAFF, SECURITY PROJECTS,
CYBER RISKS ACCOUNTABILITY, ETC.
THE MANDATE, ACCOUNTABILITIES AND RESPONSIBILITIES OF A VCISO DEPENDS OF
THE COMPANY'S ABILITY AND WILLINGNESS TO DELEGATE RESPONSIBILITIES AND
AUTHORITY TO AN EXTERNAL CONSULTANT
THE ROLE OF A VIRTUAL CISO (VCISO) IS MORE LIMITED AS IT IS EXTERNAL TO THE
COMPANY. IT IS PRIMARILY AIMED AT HELPING A COMPANY WITH A SMALL OR NON
EXISTENT SECURITY TEAM TO PRIORITIZE THEY SECURITY RELATED ACTIVITIES AND
OVERSEE/ADVISE ON KEY SECURITY RELATED DECISIONS
VIRTUAL CISO ROLE SCOPE
NEXT STEPS
TRAINING &
CAREER
OTHER ROLESVCISOCONTEXT
5
BELOW IS A LIST OF ACTIVITIES THAT ARE TYPICALLY IN AND OUT OF SCOPE FOR A VIRTUAL CISO
IN SCOPE OUT OF SCOPE
DEFINITION AND IMPLEMENTATION OF THE
COMPANY'S SECURITY STRATEGY AND ROADMAP
SECURITY BUDGET
SECURITY RELATED PROJECTS OVERSIGHT AND
MANAGEMENT
SECURITY STAFF MANAGEMENT LINE
INDEPENDENT ADVICE ON SECURITY RELATED
TECHNOLOGIES AND BEST PRACTISES
EXTERNAL CONTRACT ASSIGNMENTS
BOARD REPRESENTATION OVERALL SECURITY RISKS ACCOUNTABILITY
FOCAL POINT OF CONTACT FOR ALL SECURITY
DECISIONS (TRAINING, PROJECTS, ETC.)
SECURITY OPERATIONAL TASKS
PUBLIC
CORE CYBER SECURITY ROLES OVERVIEW
NEXT STEPS
TRAINING &
CAREER
OTHER ROLESVCISOCONTEXT
6
ROLE TYPE SCOPE
NB
DESIRED
EMPLOYMENT
OPTIONS
EMPLOYMENT
TYPE
BASIC
SALARY
(MUR)
MARKET
AVAILABILITY
CISO MANAGEMENT
Driving Strategy and
roadmap, project and
technology oversight
1x
- IN-HOUSE
- EXTERNAL
- OUTSOURCED
- FULL TIME
- PARTIAL
150K –
250K
RARE, MOSTLY
EXPAT
CYBER SECURITY
MANAGER
MANAGEMENT
Managed Security team and
projects' delivery
1x
- IN-HOUSE
- EXTERNAL
- OUTSOURCED
- FULL TIME
- PARTIAL
100K –
200K
NOT COMMON
CYBER SECURITY
CONSULTANT
CONSULTING
Overall advise on specific
security related project
based on best practices
1x
- IN-HOUSE
- EXTERNAL
- OUTSOURCED
- FULL TIME
- PART TIME
- AD-HOC
75K –
150K
RARE
CYBER SECURITY
OFFICER
GENERALIST
Operational tasks such as
Vulnerability Assessment
2x
- IN-HOUSE
- EXTERNAL
- OUTSOURCED
- FULL TIME
50K –
150K
COMMON
CYBER SECURITY
RISK OFFICER
SPECIALIST
Internal and external Risk
identification,
documentation and review
1x
- IN-HOUSE
- EXTERNAL
- OUTSOURCED
- FULL TIME
75K –
150K
RARE, MOSTLY
EXPAT
CYBER SECURITY
INCIDENT OFFICER
SPECIALIST
Driving incident planning,
simulation and management
1x
- IN-HOUSE
- EXTERNAL
- OUTSOURCED
- FULL TIME
50K –
150K
NOT COMMON
CYBER FORENSICS
OFFICER
SPECIALIST
In charge of investigation
during incidents to find root
causes
1x OUTSOURCED - AD-HOC
100K –
200K
VERY RARE,
MOSTLY EXPAT
CYBER SECURITY
ARCHITECT
CONSULTING
Designing and Assessing
current and future IT
Architecture security
1x
- EXTERNAL
- OUTSOURCED
- FULL TIME
- PART TIME
100K –
200K
RARE
PUBLIC

Recommended

Lessons Learned from the NIST CSF
Lessons Learned from the NIST CSFLessons Learned from the NIST CSF
Lessons Learned from the NIST CSFDigital Bond
 
Enterprise Security Architecture Design
Enterprise Security Architecture DesignEnterprise Security Architecture Design
Enterprise Security Architecture DesignPriyanka Aash
 
Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Cybersecurity Capability Maturity Model (C2M2)
Cybersecurity Capability Maturity Model (C2M2)Maganathin Veeraragaloo
 
Understanding the NIST Risk Management Framework: 800-37 Rev. 2
Understanding the NIST Risk Management Framework: 800-37 Rev. 2Understanding the NIST Risk Management Framework: 800-37 Rev. 2
Understanding the NIST Risk Management Framework: 800-37 Rev. 2Denise Tawwab
 
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu...PECB
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
Iso iec 27032 foundation - cybersecurity training course
Iso iec 27032 foundation - cybersecurity training courseIso iec 27032 foundation - cybersecurity training course
Iso iec 27032 foundation - cybersecurity training courseMart Rovers
 
PwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity ManagementPwC Point of View on Cybersecurity Management
PwC Point of View on Cybersecurity ManagementCA Technologies
 

More Related Content

What's hot

How To Handle Cybersecurity Risk Powerpoint Presentation Slides
How To Handle Cybersecurity Risk Powerpoint Presentation SlidesHow To Handle Cybersecurity Risk Powerpoint Presentation Slides
How To Handle Cybersecurity Risk Powerpoint Presentation SlidesSlideTeam
 
IBM Qradar & resilient
IBM Qradar & resilientIBM Qradar & resilient
IBM Qradar & resilientPrime Infoserv
 
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 ruleWalk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 ruleEnterpriseGRC Solutions, Inc.
 
Complete Endpoint protection
Complete Endpoint protectionComplete Endpoint protection
Complete Endpoint protectionxband
 
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber  Security Operation Center: du Case  StudyWhat We’ve Learned Building a Cyber  Security Operation Center: du Case  Study
What We’ve Learned Building a Cyber Security Operation Center: du Case StudyPriyanka Aash
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security programWilliam Godwin
 
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityThe Open Group SA
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1Priyanka Aash
 
Cyber security investments 2021
Cyber security investments 2021Cyber security investments 2021
Cyber security investments 2021Management Events
 
A Practical Example to Using SABSA Extended Security-in-Depth Strategy
A Practical Example to Using SABSA Extended Security-in-Depth Strategy A Practical Example to Using SABSA Extended Security-in-Depth Strategy
A Practical Example to Using SABSA Extended Security-in-Depth Strategy Allen Baranov
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)Ahmed Ayman
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
Cloud Security Strategy by McAfee
Cloud Security Strategy by McAfeeCloud Security Strategy by McAfee
Cloud Security Strategy by McAfeeCristian Garcia G.
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Insight into SOAR
Insight into SOARInsight into SOAR
Insight into SOARDNIF
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckHow To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckSlideTeam
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)Shah Sheikh
 
Risk Assessment Process NIST 800-30
Risk Assessment Process NIST 800-30Risk Assessment Process NIST 800-30
Risk Assessment Process NIST 800-30timmcguinness
 

What's hot (20)

How To Handle Cybersecurity Risk Powerpoint Presentation Slides
How To Handle Cybersecurity Risk Powerpoint Presentation SlidesHow To Handle Cybersecurity Risk Powerpoint Presentation Slides
How To Handle Cybersecurity Risk Powerpoint Presentation Slides
 
SIEM in NIST Cyber Security Framework
SIEM in NIST Cyber Security FrameworkSIEM in NIST Cyber Security Framework
SIEM in NIST Cyber Security Framework
 
IBM Qradar & resilient
IBM Qradar & resilientIBM Qradar & resilient
IBM Qradar & resilient
 
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 ruleWalk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
 
Complete Endpoint protection
Complete Endpoint protectionComplete Endpoint protection
Complete Endpoint protection
 
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
What We’ve Learned Building a Cyber  Security Operation Center: du Case  StudyWhat We’ve Learned Building a Cyber  Security Operation Center: du Case  Study
What We’ve Learned Building a Cyber Security Operation Center: du Case Study
 
Business case for information security program
Business case for information security programBusiness case for information security program
Business case for information security program
 
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber Security
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
 
Cyber security investments 2021
Cyber security investments 2021Cyber security investments 2021
Cyber security investments 2021
 
A Practical Example to Using SABSA Extended Security-in-Depth Strategy
A Practical Example to Using SABSA Extended Security-in-Depth Strategy A Practical Example to Using SABSA Extended Security-in-Depth Strategy
A Practical Example to Using SABSA Extended Security-in-Depth Strategy
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
 
Cloud Security Strategy by McAfee
Cloud Security Strategy by McAfeeCloud Security Strategy by McAfee
Cloud Security Strategy by McAfee
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
Insight into SOAR
Insight into SOARInsight into SOAR
Insight into SOAR
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
 
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckHow To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete Deck
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
 
Risk Assessment Process NIST 800-30
Risk Assessment Process NIST 800-30Risk Assessment Process NIST 800-30
Risk Assessment Process NIST 800-30
 

Similar to VIRTUAL CISO AND OTHER KEY CYBER ROLES

Tenable: Economic, Operational and Strategic Benefits of Security Framework A...
Tenable: Economic, Operational and Strategic Benefits of Security Framework A...Tenable: Economic, Operational and Strategic Benefits of Security Framework A...
Tenable: Economic, Operational and Strategic Benefits of Security Framework A...Mighty Guides, Inc.
 
NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF) NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF) Priyanka Aash
 
Cyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadCyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadsavassociates1
 
Weakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chainWeakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chainSanjay Chadha, CPA, CA
 
10 KEYS TO EFFECTIVE NETWORK SECURITY
10 KEYS TO EFFECTIVE NETWORK SECURITY10 KEYS TO EFFECTIVE NETWORK SECURITY
10 KEYS TO EFFECTIVE NETWORK SECURITYRazorpoint Security
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015John Budriss
 
Security Framework for Digital Risk Managment
Security Framework for Digital Risk ManagmentSecurity Framework for Digital Risk Managment
Security Framework for Digital Risk ManagmentSecurestorm
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015Scott Smith
 
Fortinet: The New CISO – From Technology to Business Focused Leadership
Fortinet: The New CISO – From Technology to Business Focused LeadershipFortinet: The New CISO – From Technology to Business Focused Leadership
Fortinet: The New CISO – From Technology to Business Focused LeadershipMighty Guides, Inc.
 
2014 Certification Applicant Handbook
2014 Certification Applicant Handbook2014 Certification Applicant Handbook
2014 Certification Applicant HandbookPeggy OConnor
 
Carbon Black: Justifying the Value of Endpoint Security
Carbon Black: Justifying the Value of Endpoint SecurityCarbon Black: Justifying the Value of Endpoint Security
Carbon Black: Justifying the Value of Endpoint SecurityMighty Guides, Inc.
 
Enhance Your Skills With Cybersecurity certification
Enhance Your Skills With Cybersecurity certificationEnhance Your Skills With Cybersecurity certification
Enhance Your Skills With Cybersecurity certificationgsdcouncil1
 
Nexus It Group Resume Writing
Nexus It Group   Resume WritingNexus It Group   Resume Writing
Nexus It Group Resume Writingtlinde
 
Internet Security - Protecting your critical assets
Internet Security - Protecting your critical assetsInternet Security - Protecting your critical assets
Internet Security - Protecting your critical assetsAndre Jankowitz
 
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...centralohioissa
 
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...Mighty Guides, Inc.
 
Certifications on Security - IS AUDIT
Certifications on Security - IS AUDITCertifications on Security - IS AUDIT
Certifications on Security - IS AUDITShahzeb Pirzada
 
CISSO Certification| CISSO Training | CISSO
CISSO Certification|  CISSO Training | CISSOCISSO Certification|  CISSO Training | CISSO
CISSO Certification| CISSO Training | CISSOSagarNegi10
 

Similar to VIRTUAL CISO AND OTHER KEY CYBER ROLES (20)

Tenable: Economic, Operational and Strategic Benefits of Security Framework A...
Tenable: Economic, Operational and Strategic Benefits of Security Framework A...Tenable: Economic, Operational and Strategic Benefits of Security Framework A...
Tenable: Economic, Operational and Strategic Benefits of Security Framework A...
 
NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF) NIST Critical Security Framework (CSF)
NIST Critical Security Framework (CSF)
 
Cyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadCyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor upload
 
Weakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chainWeakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chain
 
10 KEYS TO EFFECTIVE NETWORK SECURITY
10 KEYS TO EFFECTIVE NETWORK SECURITY10 KEYS TO EFFECTIVE NETWORK SECURITY
10 KEYS TO EFFECTIVE NETWORK SECURITY
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015
 
Security Framework for Digital Risk Managment
Security Framework for Digital Risk ManagmentSecurity Framework for Digital Risk Managment
Security Framework for Digital Risk Managment
 
CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015CISO_Paper_Oct27_2015
CISO_Paper_Oct27_2015
 
Fortinet: The New CISO – From Technology to Business Focused Leadership
Fortinet: The New CISO – From Technology to Business Focused LeadershipFortinet: The New CISO – From Technology to Business Focused Leadership
Fortinet: The New CISO – From Technology to Business Focused Leadership
 
2014 Certification Applicant Handbook
2014 Certification Applicant Handbook2014 Certification Applicant Handbook
2014 Certification Applicant Handbook
 
Carbon Black: Justifying the Value of Endpoint Security
Carbon Black: Justifying the Value of Endpoint SecurityCarbon Black: Justifying the Value of Endpoint Security
Carbon Black: Justifying the Value of Endpoint Security
 
Enhance Your Skills With Cybersecurity certification
Enhance Your Skills With Cybersecurity certificationEnhance Your Skills With Cybersecurity certification
Enhance Your Skills With Cybersecurity certification
 
Nexus It Group Resume Writing
Nexus It Group   Resume WritingNexus It Group   Resume Writing
Nexus It Group Resume Writing
 
csxnewsletter
csxnewslettercsxnewsletter
csxnewsletter
 
Internet Security - Protecting your critical assets
Internet Security - Protecting your critical assetsInternet Security - Protecting your critical assets
Internet Security - Protecting your critical assets
 
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
Jason Harrell - Compliance and Security: Building a Cybersecurity Risk Manage...
 
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
 
Certifications on Security - IS AUDIT
Certifications on Security - IS AUDITCertifications on Security - IS AUDIT
Certifications on Security - IS AUDIT
 
How To Become An IT Security Risk Analyst
How To Become An IT Security Risk AnalystHow To Become An IT Security Risk Analyst
How To Become An IT Security Risk Analyst
 
CISSO Certification| CISSO Training | CISSO
CISSO Certification|  CISSO Training | CISSOCISSO Certification|  CISSO Training | CISSO
CISSO Certification| CISSO Training | CISSO
 

More from Sylvain Martinez

More from Sylvain Martinez (20)

PROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYPROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITY
 
INTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHYINTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHY
 
INCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATIONINCIDENT RESPONSE NIST IMPLEMENTATION
INCIDENT RESPONSE NIST IMPLEMENTATION
 
DATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEWDATA LOSS PREVENTION OVERVIEW
DATA LOSS PREVENTION OVERVIEW
 
2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW2019 CYBER SECURITY TRENDS REPORT REVIEW
2019 CYBER SECURITY TRENDS REPORT REVIEW
 
INCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTS
 
PHISHING PROTECTION
PHISHING PROTECTIONPHISHING PROTECTION
PHISHING PROTECTION
 
INCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEWINCIDENT RESPONSE OVERVIEW
INCIDENT RESPONSE OVERVIEW
 
OFFENSIVE IDS
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDS
 
IOT Security
IOT SecurityIOT Security
IOT Security
 
ARE YOU RED TEAM READY?
ARE YOU RED TEAM READY?ARE YOU RED TEAM READY?
ARE YOU RED TEAM READY?
 
GDPR SECURITY ISSUES
GDPR SECURITY ISSUESGDPR SECURITY ISSUES
GDPR SECURITY ISSUES
 
Mobile Security Assessment
Mobile Security AssessmentMobile Security Assessment
Mobile Security Assessment
 
The Art of CTF
The Art of CTFThe Art of CTF
The Art of CTF
 
OFFICE 365 SECURITY
OFFICE 365 SECURITYOFFICE 365 SECURITY
OFFICE 365 SECURITY
 
Risk on Crypto Currencies
Risk on Crypto CurrenciesRisk on Crypto Currencies
Risk on Crypto Currencies
 
INTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICSINTRODUCTION TO CYBER FORENSICS
INTRODUCTION TO CYBER FORENSICS
 
Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2Talk1 esc7 muscl-gdpr_debate_v1_2
Talk1 esc7 muscl-gdpr_debate_v1_2
 
Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2Talk1 esc7 muscl-dataprotection_v1_2
Talk1 esc7 muscl-dataprotection_v1_2
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 

Recently uploaded

LLMs, LMMs, their Improvement Suggestions and the Path towards AGI.pdf
LLMs, LMMs, their Improvement Suggestions and the Path towards AGI.pdfLLMs, LMMs, their Improvement Suggestions and the Path towards AGI.pdf
LLMs, LMMs, their Improvement Suggestions and the Path towards AGI.pdfThomas Poetter
 
A Comprehensive Theoretical Overview of Self-Driving Car Technology
A Comprehensive Theoretical Overview of Self-Driving Car TechnologyA Comprehensive Theoretical Overview of Self-Driving Car Technology
A Comprehensive Theoretical Overview of Self-Driving Car TechnologyKumar Bipin
 
2024 February Patch Tuesday
2024 February Patch Tuesday2024 February Patch Tuesday
2024 February Patch TuesdayIvanti
 
My self introduction to know others abut me
My self  introduction to know others abut meMy self  introduction to know others abut me
My self introduction to know others abut meManoj Prabakar B
 
Bluetooth Low Energy(BLE) and beacons working
Bluetooth Low Energy(BLE) and beacons workingBluetooth Low Energy(BLE) and beacons working
Bluetooth Low Energy(BLE) and beacons workingshrey Ansh
 
2) Presentation_Overview_ISO_16140-3_Method_verification_20210322.pptx
2) Presentation_Overview_ISO_16140-3_Method_verification_20210322.pptx2) Presentation_Overview_ISO_16140-3_Method_verification_20210322.pptx
2) Presentation_Overview_ISO_16140-3_Method_verification_20210322.pptxssuser796efb
 
Breaking Barriers & Leveraging the Latest Developments in AI Technology
Breaking Barriers & Leveraging the Latest Developments in AI TechnologyBreaking Barriers & Leveraging the Latest Developments in AI Technology
Breaking Barriers & Leveraging the Latest Developments in AI TechnologySafe Software
 
Enhancing SaaS Performance: A Hands-on Workshop for Partners
Enhancing SaaS Performance: A Hands-on Workshop for PartnersEnhancing SaaS Performance: A Hands-on Workshop for Partners
Enhancing SaaS Performance: A Hands-on Workshop for PartnersThousandEyes
 
Zi-Stick UBS Dongle ZIgbee from Aeotec manual
Zi-Stick UBS Dongle ZIgbee from  Aeotec manualZi-Stick UBS Dongle ZIgbee from  Aeotec manual
Zi-Stick UBS Dongle ZIgbee from Aeotec manualDomotica daVinci
 
Unlocking the Cloud's True Potential: Why Multitenancy Is The Key?
Unlocking the Cloud's True Potential: Why Multitenancy Is The Key?Unlocking the Cloud's True Potential: Why Multitenancy Is The Key?
Unlocking the Cloud's True Potential: Why Multitenancy Is The Key?GleecusTechlabs1
 
GDSC MMCOE - ML Campaign
GDSC MMCOE - ML CampaignGDSC MMCOE - ML Campaign
GDSC MMCOE - ML CampaignLavesh Akhadkar
 
Navigating the Never Normal Strategies for Portfolio Leaders
Navigating the Never Normal Strategies for Portfolio LeadersNavigating the Never Normal Strategies for Portfolio Leaders
Navigating the Never Normal Strategies for Portfolio LeadersOnePlan Solutions
 
Bringing nullability into existing code - dammit is not the answer.pptx
Bringing nullability into existing code - dammit is not the answer.pptxBringing nullability into existing code - dammit is not the answer.pptx
Bringing nullability into existing code - dammit is not the answer.pptxMaarten Balliauw
 
"Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre...
"Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre..."Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre...
"Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre...shaiyuvasv
 
Evolution of Chatbots: From Custom AI Chatbots and AI Chatbots for Websites.pptx
Evolution of Chatbots: From Custom AI Chatbots and AI Chatbots for Websites.pptxEvolution of Chatbots: From Custom AI Chatbots and AI Chatbots for Websites.pptx
Evolution of Chatbots: From Custom AI Chatbots and AI Chatbots for Websites.pptxKyle Willson
 
5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!
5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!
5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!XfilesPro
 
OTel Orientation_ How to Train Teams (OTel in Practice).pdf
OTel Orientation_ How to Train Teams (OTel in Practice).pdfOTel Orientation_ How to Train Teams (OTel in Practice).pdf
OTel Orientation_ How to Train Teams (OTel in Practice).pdfPaige Cruz
 
Curtain Module Manual Zigbee Neo CS01-1C.pdf
Curtain Module Manual Zigbee Neo CS01-1C.pdfCurtain Module Manual Zigbee Neo CS01-1C.pdf
Curtain Module Manual Zigbee Neo CS01-1C.pdfDomotica daVinci
 

Recently uploaded (20)

LLMs, LMMs, their Improvement Suggestions and the Path towards AGI.pdf
LLMs, LMMs, their Improvement Suggestions and the Path towards AGI.pdfLLMs, LMMs, their Improvement Suggestions and the Path towards AGI.pdf
LLMs, LMMs, their Improvement Suggestions and the Path towards AGI.pdf
 
A Comprehensive Theoretical Overview of Self-Driving Car Technology
A Comprehensive Theoretical Overview of Self-Driving Car TechnologyA Comprehensive Theoretical Overview of Self-Driving Car Technology
A Comprehensive Theoretical Overview of Self-Driving Car Technology
 
2024 February Patch Tuesday
2024 February Patch Tuesday2024 February Patch Tuesday
2024 February Patch Tuesday
 
My self introduction to know others abut me
My self  introduction to know others abut meMy self  introduction to know others abut me
My self introduction to know others abut me
 
Bluetooth Low Energy(BLE) and beacons working
Bluetooth Low Energy(BLE) and beacons workingBluetooth Low Energy(BLE) and beacons working
Bluetooth Low Energy(BLE) and beacons working
 
COE AI Lab Universities
COE AI Lab UniversitiesCOE AI Lab Universities
COE AI Lab Universities
 
2) Presentation_Overview_ISO_16140-3_Method_verification_20210322.pptx
2) Presentation_Overview_ISO_16140-3_Method_verification_20210322.pptx2) Presentation_Overview_ISO_16140-3_Method_verification_20210322.pptx
2) Presentation_Overview_ISO_16140-3_Method_verification_20210322.pptx
 
Breaking Barriers & Leveraging the Latest Developments in AI Technology
Breaking Barriers & Leveraging the Latest Developments in AI TechnologyBreaking Barriers & Leveraging the Latest Developments in AI Technology
Breaking Barriers & Leveraging the Latest Developments in AI Technology
 
Enhancing SaaS Performance: A Hands-on Workshop for Partners
Enhancing SaaS Performance: A Hands-on Workshop for PartnersEnhancing SaaS Performance: A Hands-on Workshop for Partners
Enhancing SaaS Performance: A Hands-on Workshop for Partners
 
Zi-Stick UBS Dongle ZIgbee from Aeotec manual
Zi-Stick UBS Dongle ZIgbee from  Aeotec manualZi-Stick UBS Dongle ZIgbee from  Aeotec manual
Zi-Stick UBS Dongle ZIgbee from Aeotec manual
 
Unlocking the Cloud's True Potential: Why Multitenancy Is The Key?
Unlocking the Cloud's True Potential: Why Multitenancy Is The Key?Unlocking the Cloud's True Potential: Why Multitenancy Is The Key?
Unlocking the Cloud's True Potential: Why Multitenancy Is The Key?
 
GDSC MMCOE - ML Campaign
GDSC MMCOE - ML CampaignGDSC MMCOE - ML Campaign
GDSC MMCOE - ML Campaign
 
Russia Ukraine war Cyberspace operations (2022-2024)
Russia Ukraine war Cyberspace operations (2022-2024)Russia Ukraine war Cyberspace operations (2022-2024)
Russia Ukraine war Cyberspace operations (2022-2024)
 
Navigating the Never Normal Strategies for Portfolio Leaders
Navigating the Never Normal Strategies for Portfolio LeadersNavigating the Never Normal Strategies for Portfolio Leaders
Navigating the Never Normal Strategies for Portfolio Leaders
 
Bringing nullability into existing code - dammit is not the answer.pptx
Bringing nullability into existing code - dammit is not the answer.pptxBringing nullability into existing code - dammit is not the answer.pptx
Bringing nullability into existing code - dammit is not the answer.pptx
 
"Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre...
"Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre..."Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre...
"Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre...
 
Evolution of Chatbots: From Custom AI Chatbots and AI Chatbots for Websites.pptx
Evolution of Chatbots: From Custom AI Chatbots and AI Chatbots for Websites.pptxEvolution of Chatbots: From Custom AI Chatbots and AI Chatbots for Websites.pptx
Evolution of Chatbots: From Custom AI Chatbots and AI Chatbots for Websites.pptx
 
5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!
5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!
5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!
 
OTel Orientation_ How to Train Teams (OTel in Practice).pdf
OTel Orientation_ How to Train Teams (OTel in Practice).pdfOTel Orientation_ How to Train Teams (OTel in Practice).pdf
OTel Orientation_ How to Train Teams (OTel in Practice).pdf
 
Curtain Module Manual Zigbee Neo CS01-1C.pdf
Curtain Module Manual Zigbee Neo CS01-1C.pdfCurtain Module Manual Zigbee Neo CS01-1C.pdf
Curtain Module Manual Zigbee Neo CS01-1C.pdf
 

VIRTUAL CISO AND OTHER KEY CYBER ROLES

  • 1. VIRTUAL CISO AND OTHER SECURITY ROLES OVERVIEW VERSION: 1.4a DATE: 26/03/2019 AUTHOR: SYLVAIN MARTINEZ REFERENCE: ES-INTERNAL CLASSIFICATION: PUBLIC
  • 2. 2 • Context • Virtual CISO role overview; • Virtual CISO Role Scope; • Core cyber security roles overview; • Training and career plan strategy; • Training and career plan example. CONTENTS PUBLIC NEXT STEPS TRAINING & CAREER OTHER ROLESVCISOCONTEXT • Next Steps Objectives.
  • 3. CONTEXT NEXT STEPS TRAINING & CAREER OTHER ROLESVCISOCONTEXT 3PUBLIC THIS DOCUMENT WAS CREATED WITH THE MAURITIUS MARKET IN MIND, HOWEVER IT CAN BE RELEVANT TO MOST PARTS OF THE WORLD, ESPECIALLY WHEN IT COMES TO SMALL AND MEDIUM ENTERPRISES. MAJOR CYBER SECURITY CHALLENGES INCLUDE DECIDING WHAT ACTIVITIES TO PRIORITISE, WHERE TO START, HOW TO DELIVER VARIOUS CYBER SECURITY PROJECTS AND PROGRAMS AS WELL AS KNOWING WHAT IS BEST FOR THE PROFILE OF THE COMPANY. RECRUITING CYBER SECURITY STAFF WITH A LOT OF EXPERTISE IS DIFFICULT TO FIND AND OFTEN AT A HIGH PRICE. ONE SOLUTION IS TO TURN TO EXTERNAL/OUTSOURCED CONSULTANTS TO PROVIDE CYBER SECURITY EXPERTISE AND GROW INTERNAL EXPERTISE IN PARALLEL. MANY COMPANIES DO NOT HAVE DEDICATED SECURITY TEAMS/STAFF OR ONLY OPERATE WITH A LIMITED SECURITY TEAM BOTH IN TERMS OF NUMBER AND EXPERTISE. All icons from the NOUN project unless specified otherwise
  • 4. VIRTUAL CISO ROLE OVERVIEW NEXT STEPS TRAINING & CAREER OTHER ROLESVCISOCONTEXT 4PUBLIC THE ROLE OF A CHIEF INFORMATION SECURITY OFFICER (CISO) IS TO BE RESPONSIBLE FOR THE COMPANY'S OVERALL CYBER SECURITY EFFORTS: STRATEGY, ROADMAPS, TECHNOLOGY CHOICES, SECURITY BUDGET, SECURITY STAFF, SECURITY PROJECTS, CYBER RISKS ACCOUNTABILITY, ETC. THE MANDATE, ACCOUNTABILITIES AND RESPONSIBILITIES OF A VCISO DEPENDS OF THE COMPANY'S ABILITY AND WILLINGNESS TO DELEGATE RESPONSIBILITIES AND AUTHORITY TO AN EXTERNAL CONSULTANT THE ROLE OF A VIRTUAL CISO (VCISO) IS MORE LIMITED AS IT IS EXTERNAL TO THE COMPANY. IT IS PRIMARILY AIMED AT HELPING A COMPANY WITH A SMALL OR NON EXISTENT SECURITY TEAM TO PRIORITIZE THEY SECURITY RELATED ACTIVITIES AND OVERSEE/ADVISE ON KEY SECURITY RELATED DECISIONS
  • 5. VIRTUAL CISO ROLE SCOPE NEXT STEPS TRAINING & CAREER OTHER ROLESVCISOCONTEXT 5 BELOW IS A LIST OF ACTIVITIES THAT ARE TYPICALLY IN AND OUT OF SCOPE FOR A VIRTUAL CISO IN SCOPE OUT OF SCOPE DEFINITION AND IMPLEMENTATION OF THE COMPANY'S SECURITY STRATEGY AND ROADMAP SECURITY BUDGET SECURITY RELATED PROJECTS OVERSIGHT AND MANAGEMENT SECURITY STAFF MANAGEMENT LINE INDEPENDENT ADVICE ON SECURITY RELATED TECHNOLOGIES AND BEST PRACTISES EXTERNAL CONTRACT ASSIGNMENTS BOARD REPRESENTATION OVERALL SECURITY RISKS ACCOUNTABILITY FOCAL POINT OF CONTACT FOR ALL SECURITY DECISIONS (TRAINING, PROJECTS, ETC.) SECURITY OPERATIONAL TASKS PUBLIC
  • 6. CORE CYBER SECURITY ROLES OVERVIEW NEXT STEPS TRAINING & CAREER OTHER ROLESVCISOCONTEXT 6 ROLE TYPE SCOPE NB DESIRED EMPLOYMENT OPTIONS EMPLOYMENT TYPE BASIC SALARY (MUR) MARKET AVAILABILITY CISO MANAGEMENT Driving Strategy and roadmap, project and technology oversight 1x - IN-HOUSE - EXTERNAL - OUTSOURCED - FULL TIME - PARTIAL 150K – 250K RARE, MOSTLY EXPAT CYBER SECURITY MANAGER MANAGEMENT Managed Security team and projects' delivery 1x - IN-HOUSE - EXTERNAL - OUTSOURCED - FULL TIME - PARTIAL 100K – 200K NOT COMMON CYBER SECURITY CONSULTANT CONSULTING Overall advise on specific security related project based on best practices 1x - IN-HOUSE - EXTERNAL - OUTSOURCED - FULL TIME - PART TIME - AD-HOC 75K – 150K RARE CYBER SECURITY OFFICER GENERALIST Operational tasks such as Vulnerability Assessment 2x - IN-HOUSE - EXTERNAL - OUTSOURCED - FULL TIME 50K – 150K COMMON CYBER SECURITY RISK OFFICER SPECIALIST Internal and external Risk identification, documentation and review 1x - IN-HOUSE - EXTERNAL - OUTSOURCED - FULL TIME 75K – 150K RARE, MOSTLY EXPAT CYBER SECURITY INCIDENT OFFICER SPECIALIST Driving incident planning, simulation and management 1x - IN-HOUSE - EXTERNAL - OUTSOURCED - FULL TIME 50K – 150K NOT COMMON CYBER FORENSICS OFFICER SPECIALIST In charge of investigation during incidents to find root causes 1x OUTSOURCED - AD-HOC 100K – 200K VERY RARE, MOSTLY EXPAT CYBER SECURITY ARCHITECT CONSULTING Designing and Assessing current and future IT Architecture security 1x - EXTERNAL - OUTSOURCED - FULL TIME - PART TIME 100K – 200K RARE PUBLIC
  • 7. TRAINING AND CAREER PLAN STRATEGY NEXT STEPS TRAINING & CAREER OTHER ROLESVCISOCONTEXT 7PUBLIC TO SUCCESSFULLY DEVELOP IN-HOUSE CYBER SECURITY CAPABILITIES AND GROW INTERNAL RESOURCES, A CLEAR SET OF CAREER PATHS INTO THAT PROFESSION SHOULD FIRST BE DEFINED SUCH CAREER PATHS SHOULD OFFER DIFFERENT TYPE OF ROLES, FROM TECHNICAL TO MANAGERIAL IN ORDER TO BETTER SUIT VARIOUS STAFF ASPIRATIONS STAFF SUPPORT FROM UPPER MANAGEMENT AND ADEQUATE CONTINUOUS TRAINING TO SUCCEED IN THOSE ROLES WILL BE REQUIRED WHENEVER POSSIBLE, ANY EXTERNAL CONSULTANT WORKING IN/FOR THE ORGANIZATION SHOULD BE PAIRED WITH AN INTERNAL STAFF AND THEIR WORK SHADOWED SO KNOWLEDGE TRANSFER OCCURS LIKE WITH MANY OTHER PROFESSION, SOME KNOWLEDGE ONLY COMES FROM EXPERIENCE. FURTHERMORE, MOST SECURITY PROFESSIONALS TEND TO SPECIALIZE IN ONE SPECIFIC AREA (I.E.: FORENSICS, VULNERABILITY ASSESSMENT) AND IT IS VERY RARE TO GET A SPECIALIST IN MANY DIFFERENT AREAS OF SECURITY EXPERTISE
  • 8. TRAINING AND CAREER PLAN EXAMPLE NEXT STEPS TRAINING & CAREER OTHER ROLESVCISOCONTEXT 8PUBLIC 0+ Years 3+ 5+ 7+ 10+ 15+ SO1 SO2 SO3 Security Officer L1 Security Officer L2 Security Officer L3 SS1 SS2 SS3 Security Specialist L1 Security Specialist L2 Security Specialist L3 SC1 SC2 SC3 Security Consultant L1 Security Consultant L2 Security Consultant L3 SM1 SM2 SM3 Security Manager L1 Security Manager L2 Security Manager L3 CISO x CYBER SECURITY MANAGER x CYBER SECURITY CONSULTANT x CYBER SECURITY OFFICER x CYBER SECURITY RISK OFFICER x CYBER SECURITY INCIDENT OFFICER x CYBER FORENSICS OFFICER x CYBER SECURITY ARCHITECT x TYPE OF TRAINING/CERT - Basic Security Training - Certification after 6 months - Online Training - General Security Training - incident Handler Training - Online Training - More Specialised Training - On premises and abroad Training - Talk at Local Conferences - Advanced Training - Industry Recognised - Abroad Training - Talk at International Conferences - Leadership Training - Business Training - Internal Training - Advanced Leadership Training - Recognised Expert Examples CIHE, CEH GSEC, GCIH GCFA, GPEN GXPN, CISSP TOGAF 9 CISM, CISSP EXPERIENCE CAREERPATHTRAININGMINIMUMEXPERIENCEREQUIRED GENERALIST SPECIALIST CONSULTING MANAGEMENT
  • 9. TRAINING AND CAREER PLAN OVERVIEW NEXT STEPS TRAINING & CAREER OTHER ROLESVCISOCONTEXT 9 NEXT STEP GOAL ASSESS YOUR COMPANY RISK PROFILE TO EVALUATE AND DOCUMENT THE LEVEL OF CYBER SECURITY RISKS RELATED TO THE NATURE AND IMPLEMENTATION OF YOUR BUSINESS ASSESS YOUR COMPANY SECURITY MATURITY TO IDENTIFY THE ELVEL OF SECURITY IMPLEMENTED IN YOUR HUMAN, PROCESS AND TECHNOLOGY GAPS RELATED TO YOUR RISK PROFILE ASSESS YOUR CURRENT COMPANY SECURITY PRIORITIES AND CAPABILITY TO IDENTIFY WHAT CYBER SECURITY ROLES ARE REQUIRED TO DELIVER YOUR CYBER SECURITY PRIORITIES IDENTIFY IN HOUSE RESOURCES THAT CAN BE UP- SKILLED TO FILL SOME OF THE ROLES TO LEVERAGE YOUR EXISTING WORK FORCE TO FILL SOME OF THE CYBER SECURITY ROLES GAPS DEVELOP A TRAINING OR RECRUITMENT PROGRAM TO DEVELOP AND UPSKILL YOUR EXISTING STAFF AS WELL AS RECRUIT EXTRA STAFF IF NEEDED PUBLIC
  • 10. © 2015-2019 ELYSIUMSECURITY LTD ALL RIGHTS RESERVED HTTPS://WWW.ELYSIUMSECURITY.COM ABOUT ELYSIUMSECURITY LTD. ELYSIUMSECURITY provides practical expertise to identify vulnerabilities, assess their risks and impact, remediate those risks, prepare and respond to incidents as well as raise security awareness through an organization. ELYSIUMSECURITY provides high level expertise gathered through years of best practices experience in large international companies allowing us to provide advice best suited to your business operational model and priorities. ELYSIUMSECURITY provides a portfolio of Strategic and Tactical Services to help companies protect and respond against Cyber Security Threats. We differentiate ourselves by offering discreet, tailored and specialized engagements. ELYSIUMSECURITY operates in Mauritius and in Europe, a boutique style approach means we can easily adapt to your business operational model and requirements to provide a personalized service that fits your working environment.