Thought Leadership

Thinking outside the CISO box

Written by Andy Lock | Oct 19, 2020 8:43:00 AM

Is it time you considered a different approach to security leadership?

Covered in our previous blog, finding a Chief Information Security Officer (CISO) in this current climate is tough enough. A CISO is hard to come by and, if you can find one, the good ones are expensive. This is just one of the reasons why more organisations are looking for the services of a virtual CISO (vCISO), an outsourced security leader.

Is there a solution that will meet your requirements?

With the new working from home security challenges, there are often concerns that you won’t get the proven experience, expertise, leadership and pragmatism from a vCISO.  This isn’t the case; a vCISO will still provide you with full security leadership, just when you need it and at an affordable cost.

What types of organisations opt for a vCISO?

Savanti provides vCISO consulting services to a range of clients, including larger organisations, smaller enterprises and public sector organisations. Each has chosen an outsourced CISO for very different reasons.

A premiership football club had seen their in-house Information Security Manager move on, leaving a critical void in their security expertise and leadership. Recruiting for a replacement was challenging and costing valuable time. Savanti's virtual CISO consulting service played right into their security requirements.

The Chemistry Group, a global HR consultancy, is a growing organisation and had smaller budgetary requirements and needed proportionate security.

A vCISO service can address different needs. The service can be scaled and proportionate to budget, providing a cost-effective solution. Where you have a critical risk, a vCISO can be on-boarded quickly and provide immediate security leadership. 

Delivered by experienced consultants, a vCISO will progress key security initiatives and accelerate improvements. Additionally, as part of a larger team of experts, your vCISO can draw down on a broad range of skilled resources and proven methodologies to deliver results and build your security capability.

How have our vCISO services benefitted our clients? 

After the loss of their full time Information Security lead, the premiership football club needed a replacement to hit the ground running and provide clear direction for the in-flight information security programme.

Having already conducted a cyber security maturity assessment, Savanti already understood the club culture and security requirements. A Savanti vCISO was able to bridge the gap between IT operations and IT security, utilising the knowledge and expertise of the wider Savanti team to successfully accelerate and deliver a variety of discreet security projects. This enabled continuous improvement, such as the wholesale implementation of MFA and overhauling a complex and challenging patch management programme.

"Security is a complex and multi-faceted discipline and Savanti has always taken a pragmatic approach. Their flexibility in bringing in the right experts when required has been a great benefit" IT Director, Premier League Football Club

When The Chemistry Group first approached Savanti they already recognised the importance of information security to their clients and to win new business. In order to be able to provide adequate assurance they needed to transform their information security regime.  

With varied experience of information security and no real necessity to employ a full time security leader, Savanti's on-demand security leadership hit the mark.

Once Savanti had implemented their foundational security elements, Chemistry achieved the correct certifications to appease their clients and Savanti continued to provide the vCISO role; ensuring continuous information security improvement, advice and governance.

“The Savanti vCISO service has been a great and cost-effective service for us as we occupy that space between a small and medium-sized enterprise that does not require a full-time CISO. Our decision to go with a vCISO has been really effective and having someone on board who is able to leverage the full Savanti team and expertise has been a massive benefit". Tomos Walters, CTO at The Chemistry Group

You can enjoy numerous security benefits from taking on a vCISO. They will be your information security point of contact, providing both direction and support for your business, driving progress and accelerating key initiatives as required. 

If you work with Savanti you will also be able to draw down on the wider knowledge base and resources from the rest of the security team to meet your requirements,whilst only paying for the time and effort that you require.

To discuss our vCISO service with a member of the team, please provide your details below: