Strong cybersecurity leadership is among the most expensive staffing consideration for businesses today, and can be overkill for small and medium-sized businesses. However, part-time, on-demand arrangements are much more affordable, and may fit your business on a regular-basis, or even temporarily. Here are the fractional CISO offers from TEKRiSQ;
SHORT-TERM, FRACTIONAL CISO
A 3 Week Engagement to bring some initial cybersecurity leadership into a part-time role, affordably priced for a short initial term.
Deliverables include:
- Posture Management Report (pre-remediation) including an Posture Overview, Application Overview, and Data Overview.
- Documented Recommendations and Remediation Support for Optimized Controls, disabling access to inappropriate applications, removing sharing links that are either dated or unsafe.
- Posture Management Report (post remediation).
LONGER-TERM, FRACTIONAL CISO
Flexible Engagements to bring ongoing cybersecurity leadership into a part-time role, with attractively priced tiers for longer terms.
This TEKRiSQ package uses the data captured by our foundational controls deployed into the client's environment. More specifics included can be found below.
12 MONTH FRACTIONAL CISO GIG
A 12-month part-time role, with attractive priced tiers for a 12-month term.
This TEKRiSQ package uses the data captured by our foundational controls deployed into the client's environment.
More specifics included can be found below.
Specific Responsibilities:
- Identify /manage misconfigurations, security drifts & compliance breaches within your cloud environment (O365 or G Suite)
- Provide remediation support for misconfigurations for your O365 or G Suite environments.
- Provide recommendations and remediation support for security best practices for your O365 or G Suite environments. (Controls based on CIS & ISO 27001 including approx. 100 factors covering access controls, security, and data loss prevention)
- Provide ongoing audit & analysis for employees using multiple risk factors to gain visibility into potential business, security, and compliance risks of each application and browser extension. The analysis looks at each application, permissions enabled by each application (e.g. access control, API access, mailbox access, organizational information & resources access, printer access, Teams/Channels/Skype access, and Active Directory access.)
- Provide on-going audit of shared data including: data Open to anyone links, shared to external user links, company links, and internal user sharing links.
- On-going monitoring cloud configuration data for the O365 or G Suite Environments.
- Ongoing vulnerability scanning, recommendations & remediation support
- Shadow IT Analysis & recommendations, Data Audit, and Application Risks.
- Data leakage analysis
- MFA Risk analysis, recommendations, and remediation support
- Email security analysis recommendations, and remediation support
- Password management practice audit, recommendations, and remediation support
- Privileged access management analysis, recommendations, and remediation support
- Remote workforce risk analysis, risk identification, recommendations, and remediation support
- Incident Response plan analysis and recommendations
- Disaster Recovery plan analysis and recommendations
Deliverables include:
- Monthly Posture Management Report
- Monthly CVE Vulnerable Summary Report
- Monthly Application Report
- Monthly Status Update Meeting
- On-Demand Discussions as needed
- Remediation support and configuration
