About
A vCISO is a virtual Chief Information Security Officer who provides part-time or on-demand CISO services to organisations that do not have a full-time CISO. They help organisations assess their information security posture, develop and implement security strategies, and manage security risks. Our vCISO service is a cost-effective way for organisations to get the expertise and guidance they need to protect their data and systems.
How we can help
Pākiki can provide a vCISO service that will work with you to:
- Develop or review current security policies and processes.
- Assess your ability to respond and recover from security incidents.
- Understand your organisation’s risks of a security incident.
- Develop and maintain a security roadmap.
- Review current and planned security controls to mitigate your security risks.
- Represent the organisation both internally and externally in security matters.
- Provide knowledge sessions to the organisation.
- Provide general information and IT security advice and consulting.
Methodology
The particular methodology will vary depending on your needs, however broadly speaking the methodology is:
- Information Gathering: Understanding your current risks and security posture.
- Review Gaps: Understand where there are current gaps in your security policies and processes.
- Provide advice: Take the output of the above checks, and use our understanding of your business to provide practical, tailored advice on how to improve your security posture.
Assessments will be against the client’s chosen controls framework or standard, or on our recommendations for a framework (i.e. ACSC Essential 8, CIS, NIST, ISO 27001)
Get in touch
We’d love to hear more about your organisation, and to discuss how we can help.