Virtual Information Security Officer

“UK business faces a cyber threat which is growing in scale and complexity. Organisations which don’t take cyber security extremely seriously in the next year are risking serious financial and reputational consequences.” Donald Toon, director of the National Crime Agency’s Prosperity Command (April 18)

CSA consultants have years of experience in all areas of governance relating to people, process and technology. Organisations need to comply with the GDPR and other data protection legislation to demonstrate good practice relating to information security.

However, organisations cannot always justify a full-time role in this area, which is where CSA can assist on an ad-hoc basis when required. Most CTOs have their hands full keeping IT infrastructure running efficiently and providing strategic technical input to the board. CSA complements the CTO through advice and guidance as their expert information security partner, giving direction or helping to implement strategy, leadership and governance, policy, process, incident management, risk management and asset management.

Typical projects might include:

  • Facilitating the implementation of a cyber road-map or information security strategy

  • Managing an information security incident, including reporting to the ICO

  • Advising on the latest cyber or GDPR compliance regulations

  • Assisting in the implementation of new security architecture

  • Implementing an information security incident management process

  • Cyber security incident response, investigations and forensics

  • Auditing information security policies and processes

  • Helping with tender responses relating to info, data or cyber security

  • Board presentations on information security related issues

  • Interviewing potential full-time Cyber or DP officers

  • Technical due diligence on a potential acquisition

  • Cyber audit and risk assessments

  • Data protection compliance advisory services

We can also support your organisation's efforts to meet regulatory standards such as GDPR, ISO 27001 or PCI DSS.

Contact us to discuss tailoring a package to suit your organisation's requirements.