Curated Cyber is A CISOaaS firm; our curated approach is based on client needs, implementing an Information Security Program or Governance Framework specific to your business. Our team tailors our offering to your business as some environments need more Risk Management and Control Enhancement, while others require a more direct development of a Governance Program. Delivering subject-matter expertise in cybersecurity not found in many small to medium-sized businesses, our vCISOs operate as a member of your team for a fraction of the cost of a full-time CISO. Our efficient approach, experience, and proven methodologies will manage your deliverables and services in the the best way possible. We are a team of like-minded, subject-matter experts who specialize in cybersecurity and compliance. A team that aspires to be top of the class and stay forward-thinking. We understand frameworks and what a baseline looks like, so we can be prepared for the unexpected and mitigate your overall risk. A team that will present the risks and let you make the decision. We are NOT the security team that states, “You can’t do that.” You own the business and business unit. With decades of experience, our team understands small businesses. Your vCISO provides honest and open communication and understands the security priorities of your business. YOUR vCISO TEAM HELPS BRIDGE THE GAP BETWEEN BUSINESS, IT, COMPLIANCE, AND GOVERNANCE WITH SKILLS IN THE FOLLOWING AREAS: • Business Enablers through Process & Communication • Documenting Vision & Goals • Cybersecurity Threats & Mitigating Controls • Move the IS Program from Reactive to Proactive • Compliance/Governance • Banking & Small Business • Risk Management • Information Technology • Multiple Cybersecurity Certifications • Experience in Multiple Frameworks, including FFIEC, GLBA Compliance, ISO 27001, ITIL, COBIT, HIPAA, NIST, CMMC, and more CURATED SERVICES AND DELIVERABLES: • Strategic & Governance Support (ITSC Meetings, Monthly Meetings, Project Management, IT Strategic Planning, GLBA Reporting, Interaction with the Board) • Policies and Risk Assessments • Cyber Security Assessment Tool • R-SAT (Ransomware Self-Assessment Tool) • Education & Training (Information Security Awareness Training) • Vendor Management Program. Annual Vendor Risk Assessment, Critical Vendor Analysis Report, Vendor On-Boarding, Performance Management, Corrective Action. • Business Continuity Planning & Preparedness • Incident Response Planning & Preparedness • vCISO & Technology Advisory Services • Research / Feedback