Rob Black, CISSP, is the Boston Virtual CISO (vCISO) who has improved the cybersecurity posture of many organizations. As the Managing Principal of Fractional CISO, Rob oversees all client services.
As a Boston Virtual CISO, Rob provides varying levels of service to different organizations depending on their needs and is uniquely qualified to handle the vCISO role for your company.
A few of his career highlights include:
Served as Interim CISO for a well-known University in the Boston suburbs
Designed the cybersecurity strategy for several high growth SaaS companies
Provided risk assessments to a multi-billion-dollar financial services firm
Improved the product security of many high-tech firms
Assisted many companies with their SOC 2 and other audits.
Fractional CISO offers both packaged cybersecurity services and tailored solutions for more complex requirements.
Boston Virtual CISO Difference
Compared to other providers, our Boston Virtual CISO services have four key differentiators that result in a high-quality, cost-effective solution:
We develop tailored solutions to meet our clients’ needs, as we are not tied to any vendor.
We engage clients with high-value interactions and partner with several best-of-breed solutions to maximize client value.
We incorporate a quantitative approach by helping our clients invest wisely based on their budget and risk tolerance.
We incorporate a team approach in which at least two team members are assigned to every project. Our clients gain higher availability, broader skillsets, and the ability to deliver content in parallel.
Boston Virtual CISO offering
What does a typical Boston Virtual CISO engagement look like?
A typical engagement with Fractional CISO consists of the following:
Understanding of the client, where they fit in the marketplace, and the organization’s cyber risk tolerance.
Gap assessment of the organization to better understand some of its key cybersecurity needs.
Cybersecurity plan for buy-in by senior management.
Roll out of cybersecurity program to organization, which includes:
Focus on people, process, technology, and training.
Vendor management.
Managing IT’s security whether internal or outsourced.
Product focus, especially for SaaS offerings.
Risk assessments to evaluate where the greatest cybersecurity threats to an organization are.
Building a compliance and audit strategy for whatever standards and certifications are required.
Answer customer security questionnaires.
Proactively address customer security issues with whitepapers and RFP templates.
Communicating cybersecurity program across the organization including to senior management and board.
Boston Virtual CISO customized services
Securing Boston area tech companies
While the services above will go a long way to improve your cybersecurity posture, some companies require help executing specific projects or providing customized services.
Customized services may include a corporate or product security strategy, or it might be a Vulnerability Management program or Incident program management.
A Boston Virtual CISO can also help you throughout the entire security lifecycle of your SaaS offering. Many of our clients utilize AWS or Azure. We help them to optimize the security of their infrastructure.
Going Above and Beyond
Need help telling your security story to close a deal? Do your prospects require you to follow a cybersecurity standard?
We can help you with all types of go-to-market activities. We’ll even provide the security marketing content.
Finally, we can also:
Have expert security discussions with your customers (including the option of company badged information security consultants)
Prepare Request for Proposal (RFP) / Request for Information (RFI) answers for security questions
Provide security clause contract drafting and review (in conjunction with your legal team)
Provide security messaging documents and white papers for your business
Want to learn more about hiring a Boston Virtual CISO?
To get a good sense of how we work, sign up for our newsletter for business leaders. It is a once-monthly email. We will ONLY send it once a month. Sign up here: https://fractionalciso.com/newsletter/
Is your Cyber Insurance really going to cover you?
Only 1/3 of cyber insurance policies actually pay out in incidents. Most companies have cyber insurance policies that insure too little, or too much, and have absurdly low caps and silly exclusions.
To learn more about cyber insurance and determine if you have the right coverage for you, join us for a free vCISO Office Hours session on Tuesday, April 18 at 1 p.m. eastern time. Bring your questions!
New Release: Free SOC 2 eBook!
Getting ready for your first SOC 2? This eBook is full of actionable advice to help you prepare for and succeed in your first SOC 2 audit.
Learn:
How to scope your SOC 2 project
How to estimate the cost and length of your SOC 2 project
How to prepare for your SOC 2
How to succeed in your SOC 2 audit period
How to leverage your SOC 2 report to enable your business and sales