Is your budget too small to support high-level cyber security personnel?
Does your organization handle any personal information?
Do you employ systems dedicated to enumerating and auditing your network devices?
Are you subject to regulations that require testing of your network security?
Merit Community CISO services will help your organization address these questions by assessing your attack surface, identifying weaknesses, developing security strategies that significantly minimize your chance of a data breach and providing guidance on regulatory compliance and reporting, all without the expense of hiring a full-time Security Officer.
- Assess current IT policies, standards and procedures and provide gap analysis
- Determine internal and external threats and vulnerabilities against your network, see what the bad guys see
- Develop and direct strategic long-term cybersecurity plans
- Operations Management Guidance
- Enterprise Security Architecture and Systems Analysis
- Regulatory Compliance Reporting and Documentation Guidance
- Customized to fit your organization’s needs- Weekly/Biweekly/Monthly calls with structured agendas
- Continued Progress Checks and Insights Provided through Email Correspondence
- Risk Management Framework Workshop
- Policy Workshop
- Deep Dive Application Risk Assessment
- Pre-assessment environmental data gathering
- On-Site Consulting Visit
- Standard host based vulnerability scan
- Standard network based vulnerability scan
- Written report with recommendations based upon NIST Cybersecurity Framework and Center for Internet Security – 20 Critical Security Controls
- Executive summary and presentation
The current and future security posture of every organization requires a custom approach. Merit is now developing Chief Information Security Officer (CISO) consulting packages tailored to go hand-in-hand with your budget, organization size and unique challenges in mind.
Looking for a formal, top-to-bottom point-in-time assessment of your cybersecurity posture? Our CISO premium engagement provides a comprehensive analysis of all aspects of your security program, including detailed executive and techincal reports aligned with the NIST Cybersecurity Framework (CSF) as well as the CIS Top 20 Security Controls. Network-based and host-based vulnerability scans are performed for additional analysis and validation, and your leadership team is presented with an easy to understand summary of all the areas selected for improvement, as well as the areas which are being addressed exceptionally well by your staff.
- Comprehensive assessment
- Executive summaries
Looking for ongoing on-demand guidance throughout the year to make sure that your cybersecurity efforts stay on the right track? Our CISO Advocate program provides budget-friendly continual expert advice, strategy, and planning specific to your organization. We begin with a half-day discovery session to understand your key systems, processes, technology, culture, and information. All throughout the year, your security efforts are supported by both monthly structured strategy meetings as well as on-demand issue consultations. Take advantage of our experience and execute your security projects successfully with our CISO on your side.
- Half-day onsite
- Budget friendly
Need to know where to start when it comes to security? Our CISO Micro Assessment is perfect for organizations that know they need to begin somewhere with their security program. This inexpensive service focuses on analyzing the Top 6 Basic CIS controls at your organization, providing you and your technical staff actionable advice on how you can springboard your security efforts out of the unknown.
- Focuses on Top 6 attainable steps
- Actionable advice
Merit is a CIS Security Benchmark Member and utilizes CIS’s Configuration Assessment Tool (CIS-CAT) to report target systems conformance with the recommended settings in the CIS Benchmarks. CIS Benchmarks are used as the basis for security configuration policies and the de facto standard for IT configuration best practices.
The CIS Benchmarks are security configuration guides both developed and accepted by government, business, industry, and academia.
QUESTIONS ABOUT OUR CISO SERVICE OR CONSULTING PACKAGES?
Fill out the form below, or contact us by calling 734-527-5700.