Hedgehog's Virtual CISO (vCISO) service, also referred to as CISO-as-a-Service, offers organisations access to a pool of experts and experienced cyber security practitioners who take on the role of a Chief Information Security Officer in your business. Our cost-effective vCISO service brings experience in leadership and skills to help define, plan and execute a bespoke strategy unique to your organisation.
Our vCISOs are supported by our compliance and governance team members to ensure we meet all the varying requirements of your business.
Once you are on-boarded as a vCISO customer, you have access to the following list of services:
Experienced Cyber Security Practitioners: Access to verifiable expert individuals who have held leadership CISO roles and have a wealth of industry experience.
Data Breach Ready
Our vCISO team will oversee and co-ordinate with your management team to ensure your business is prepared to deal with data breaches and incidents. For clients on an annual vCISO program we will schedule in at least one breach simulation per year to test processes end to end.
Regulatory Compliance and Governance
Our vCISO will manage and communicate with regulators for all data privacy and information security requests on your behalf. For clients in the gaming sector we will assist in preparing your business for the annual Remote Technical Standards audit.
Specialist Training Included
Our vCISOs are experienced practitioners and offer specialist management-focused cyber security training as part of the vCISO service. For clients on the annual vCISO program, these training sessions are typically schedules once a quarter.
We offer a number of flexible solutions in terms of accessing our vCISO service:
Retained: on a monthly contract that you can scale-up or scale-down.
On a project basis: on a time and material basis, our vCISO will oversee the whole project and/or transformation.
Our annual vCISO program is a comprehensive service for businesses that provides you with the core elements of a CISO office. The annual vCISO program includes:
Annual Policy Reviews
Cyber Essentials & Cyber Essentials Plus Assessments
Monthly internal vulnerability assessments
Continual external attack surface monitoring
CISO attendance at quarterly management / board meetings
3 days per month of CISO time for meetings, advisories, training etc
If you just need a block of time to backfill your CISO while away from work, or if you need a temporary CISO, you can purchase a day or a block of days below.
Ask us a question, any question at all. As long as it has to do with Information Security / Cyber Security, we will get back to you with an answer.