vCISO.cz

Remote IT Security Officer

Safeguards Protects Mitigates

Virtual chief information security officer, also referred to as a virtual CISO, vCISO, or CISO-as-a-Service provider, works as an outsourced or on-demand security practitioner. A vCISO role can be filled by a single individual or a team of virtual experts. Although they typically work as remote, part-time contractors, vCISOs provide many of the benefits of a full-time CISO but without the hefty price tag.

Virtual CISO security program steps

As a Virtual Information Security Officer (vCISO), I offer a comprehensive range of security program steps to help protect and enhance your organization's digital assets. Here is an overview of the services I provide:

Define Your Company’s Security Maturity Level

vCISO service starts by performing a risk assessment and a maturity assessment. After assessing the organization, vCISO have conversations with leadership to understand where you want your security program to be, (i.e., what maturity level you want to be at). This can be determined by several factors, including which regulatory landscape your company falls under, any past incidents that have dictated some level of ongoing auditing, and – a factor many companies fail to include in their plans – what contractual obligations you have with clients. By utilizing this method, the organization decides how they want to mature their program and together we executive on that plan to deliver a security program that meets the organization’s needs.

Create Your Security Strategy Plan

Next, a vCISO will work with your team to develop a strategic security plan. This plan may include things like establishing stronger policies and standards, getting a better idea of your unique threat landscape and library, vendor risk assessments, defining remediation timelines, creating a security awareness training program, and understanding your compliance landscape. Then, he will present it to your executive team and board in a way that even non-technical members may understand, modify, and contribute feedback to.

Operationalize & Implement a Security Program

vCISO service starts by performing a risk assessment and a maturity assessment. After assessing the organization, vCISO have conversations with leadership to understand where you want your security program to be, (i.e., what maturity level you want to be at). This can be determined by several factors, including which regulatory landscape your company falls under, any past incidents that have dictated some level of ongoing auditing, and – a factor many companies fail to include in their plans – what contractual obligations you have with clients. By utilizing this method, the organization decides how they want to mature their program and together we executive on that plan to deliver a security program that meets the organization’s needs.

Risk Assessment and Management Services

Comprehensive evaluation of information security risks. Identification of vulnerabilities and potential threats. Development of strategies and controls to mitigate risks. Implementation of risk management practices and frameworks. Ongoing monitoring and assessment of security risks.

Security Policy Development Services

Creation and implementation of tailored security policies and procedures. Development of data protection and access control guidelines. Design of incident response protocols and disaster recovery plans. Integration of security awareness training programs. Alignment with industry regulations and compliance requirements.

Incident Response Planning and Management Services:

Collaboration to develop effective incident response plans. Establishment of protocols for incident detection, analysis, and response. Coordination with internal teams and external stakeholders during incidents. Forensic analysis and investigation of security breaches. Post-incident reviews and recommendations for process improvement.

Ing. Tomáš Rakuščinec

CISSP, CISM, Security+

Seasoned IT professional offering 18+ years of IT experience, including 10+ years of broad-based management in Systems Design, Implementation, Support and Cyber Security. Pride self with a proven ability to strategically and cost-effectively utilize technology in alignment with corporate goals. Possess an admirable track record of direct operations in complex and advanced Information Technology environment.

Experience

More than 18 years of experience

Possess an admirable track record of direct operations in complex and advanced Information Technology environment. Delivered various cybersecurity projects for several multi-national corporations in Banking, Pharmaceutical, Energy, E-commerce, Transportation Industry, Public Sector agencies and others.

Certifications and awards

Possess an admirable track record of direct operations in complex and advanced Information Technology environment. Delivered various cybersecurity projects for several multi-national corporations in Banking, Pharmaceutical, Energy, E-commerce, Transportation Industry, Public Sector agencies and others.

Contact

I’m always looking for new and exciting opportunities. Let’s connect.

Scroll to Top