The Virtual CISO and Outsourced ISO service offering are gaining a ton of interest lately, as they very well should be. Community banks are in need of leadership in the cybersecurity realm and outsourcing that expertise is the fastest and easiest way to do so. I've even personally spoken with bank examiners that fully support banks seeking third party support in managing their information security program.
But even with the growing popularity, I've heard a lot of the same questions and concerns in creation and structure of such a role at community banks. To help with this, my team and I have created a white paper that will release in October on BedelSecurity.com titled: "14 Things Banks Should Consider Before Hiring a vCISO".
It is a comprehensive, objective, guide to help community financial institutions decide if a security professional timeshare is right for them, and if so, how to go about contracting with a firm to do so.
Some topics include:
The goal is to give the management team a tool they can use to begin the discussion and decide what is right for their organization.
Again this will officially release in October, but I'm offering this white paper early to my newsletter subscribers. Just send me an email at chris@chrisbedel.com and I'll send a copy to your inbox.