Boston Virtual CISO

Rob Black, CISSP is the Boston Virtual CISO (vCISO) who has improved the cybersecurity posture of many organizations. As the Managing Principal of Fractional CISO, Rob oversees all client services.

As a Boston Virtual CISO, Rob provides varying levels of service to different organizations depending on their needs and is uniquely qualified to handle the vCISO role for your company.

A few of his career highlights include:

• Served as Interim CISO for a well-known University in the Boston suburbs
• Designed the cybersecurity strategy for several high growth SaaS companies
• Provided risk assessments to a multi-billion-dollar financial services firm
• Improved the product security of many high-tech firms
• Assisted many companies with their SOC 2and other audits.

Rob’s bio is here, LinkedIn profile is here, and highlights of his publication and speaking engagements are here.

Fractional CISO offers both packaged cybersecurity services and tailored solutions for more complex requirements.

Compared to other providers, our Boston Virtual CISO services have four key differentiators that result in a high quality, cost effective solution:

1. We develop tailored solutions to meet our clients’ needs, as we are not tied to any vendor.
2. We engage clients with high-value interactions and partner with several best of breed solutions to maximize client value.
3. We incorporate a quantitative approach by helping our clients invest wisely based on their budget and risk tolerance.
4. We incorporate a team approach in which at least two team members are assigned to every project. Our clients gain higher availability, broader skillsets, and the ability to deliver content in parallel.

What does a typical Boston Virtual CISO engagement look like?

A typical engagement with Fractional CISO consists of the following:

• Understanding of client, where they fit in the marketplace and the organization’s cyber risk tolerance.
• Gap assessment of organization to better understand what are some of the key cybersecurity needs of the organization.
• Cybersecurity plan for buy-in by senior management.
• Roll out of cybersecurity program to organization, which includes:
  • Focus on people, process, technology, and training.
  • Vendor management.
  • Managing IT’s security whether internal or outsourced.
  • Product focus, especially for SaaS offerings.
• Risk Assessments to evaluate where the greatest cybersecurity threats are to an organization
• Building Compliance and audit strategy for whatever standards and certifications are required.
• Answer customer security questionnaires.
• Proactively address customer security issues with whitepapers and RFP templates.
• Communicating cybersecurity program across the organization including to senior management and board.

Going Above and Beyond

Need help telling your security story to close a deal? Do your prospects require you to follow a cybersecurity standard?

We can help you with all types of go-to-market activities. We’ll even provide the security marketing content.

Finally, we can also:

• Have expert security discussions with your customers (including the option of company badged information security consultants)
• Prepare Request for Proposal (RFP) / Request for Information (RFI) answers for security questions
• Provide security clause contract drafting and review (in conjunction with your legal team)
• Provide security messaging documents and white papers for your business

Want to learn more about hiring a Boston Virtual CISO?

To get a good sense about our how we work, sign up for our newsletter for business leaders. It is a once monthly email. We will ONLY send it once a month. Sign up here: https://fractionalciso.com/newsletter/