Advise

Advisory Services are designed to develop and maintain your security program. These strategic services focus on governance, risk, and compliance (GRC) and are directly derived from your organization’s business strategy and practices.

Virtual CISO, vCISO

The chief information security officer, or CISO, is the senior executive who aligns an organization’s IT security strategy with its business goals and operations. In a world of increasing cyber threats, regulations, and litigation, they’re the essential security professionals that all organizations need. And yet, Cisco’s 2015 Annual Security Report notes that only 29% of organizations have a CISO.

Problem Statement

Many challenges prevent organizations, especially small and medium-sized ones, from realizing the benefits of a CISO, especially:

Lack of financial resources to search for, hire and retain a qualified CISO.

Limited knowledge base and resources for training.

The average tenure for a CISO is 17 months – and then you’ve lost your investment in hiring a CISO when you repeat the process.

Solution Statement

DigitalDefence’s Virtual CISO (vCISO) Program allows your organization to utilize our board-level experts to perform the tasks typically assigned to an in-house Chief Information Security Officer. Our vCISO will integrate as a member of your executive team to assist with the implementation and management of your Information Security Governance, Risk Management, and Compliance (GRC) programs.

Program Overview

As part of the placement process, DigitalDefence works with each client to identify how the vCISO can most effectively support an organization’s security program. The vCISO will provide strategic business services such as strategy and policy development, purchasing, and security program development and implementation.

Benefits

Reduced Costs

A vCISO costs approximately 30-40% of the cost of a full-time permanent CISO. You hire the vCISO when you need their support – hours per month, or full-time for a predetermined period of time.

Experienced

All consultants have on average ten years’ experience in security and compliance in multiple industries. In addition to their technical knowledge, they possess business acumen and leadership skills.

Qualified

All of our vCISOs are professionally qualified in security management and hold industry-leading IT Security certifications including CISSP, CISM, CISA, PCI DSS QSA, as well as relevant industry certifications.

Independent

vCISOs provide independent and unbiased advice in their approach to solving security issues or selecting vendors.

Virtual Privacy Officer

DigitalDefence’s virtual Privacy Officer, the vPO, will become your executive-level lead for all privacy matters. The vPO is accountable for privacy across your extended organization – from the Board to employees, as well as partners, vendors and clients.

Problem Statement

Data security breaches have become more common in all organizations, and the loss or disclosure of personal information can threaten client confidence, destroy the business brand and reputation, reduce your share price, lead to legal and regulatory fines and even result in senior executives losing their jobs.

Solution Statement

The vPO will develop an enterprise privacy program that is compliant with all relevant privacy laws and regulations, ensuring that it is aligned with your existing business strategy. The vPO provides guidance to ensure that privacy controls are adequate; most importantly, they provide the training and support to build a corporate privacy culture.

Program Overview

As part of the placement process, DigitalDefence works with each client to identify how the vPO can most effectively support an organization’s security program.

Benefits

Reduced Costs

A vPO costs approximately 30-40% of the cost of a full-time permanent Privacy Officer. You hire the vPO when you need their support – hours per month, or full-time for a predetermined period of time.

Experienced

All consultants have on average ten years’ experience in privacy, security and compliance in multiple industries. In addition to their technical knowledge, they possess business acumen and leadership skills.

Qualified

Our virtual Privacy Officers are lawyers; they are prepared to offer the legal guidance to fully protect your organization. In addition, they hold industry-leading privacy and IT Security certifications.

Independent

Our Privacy leaders provide independent and unbiased advice to address all applicable privacy requirements.

Compliance Management

DigitalDefence’s Compliance Management service educates employees about regulatory requirements, identifies gaps between current practices and regulated ones, and delivers a remediation plan that prioritizes items and identifies cost and time requirements. Our proprietary methodology is based on a scorecard approach that supports metrics and allows you to measure your progress to compliance.

Problem Statement

The requirement to comply with government and industry regulations can put significant pressure on an organization; this pressure increases when cross-border issues emerge, and an organization must comply with Canadian and foreign regulations at the same time.

Solution Statement

Most organizations understand the “why” of regulatory compliance; DigitalDefence focuses on the “how” – specifically, how to rapidly achieve sustainable compliance in the most cost-effective manner.

Program Overview

DigitalDefence has worked within a variety of frameworks, including HIPAA, PIPEDA, the ISO 27000 series, PCI DSS, SOC, Sarbanes-Oxley (SOX) and NIST, just to name a few.

Benefits

Reduced Costs

The “Quick Start” approach ensures rapid and cost-effective compliance with regulatory requirements; it reduces costs and implementation time, and brings critical personnel resources back to their regular duties.

Experienced

Access to experienced consultants with current knowledge about regulatory requirements and industry best practices—across Canada, the USA, and Europe.

Comprehensive

Comprehensive program delivery—customized programs provide services from strategy analysis through to implementation and monitoring.

Educate

Raises internal awareness of information security risks.

Pathfinder Assessment Program

The Pathfinder can be used to provide a rapid security assessment of partners who are accessing your critical data resources, ensuring that the same level of security and privacy is extended across the organization. It has also been used to assess the security of organizations engaged in mergers or acquisitions, where it highlights potential security issues that could be expensive to remediate at a later date.

Problem Statement

Often, an organization knows that they need to improve the security and privacy of their data, but they’re not sure where to start. When this happens, you need an objective, rapid and cost-effective review of your security posture. It should highlight where you are, where you should be, and the best path to get from “here to there”.

Solution Statement

You need a Pathfinder Audit. With the Pathfinder Audit, DigitalDefence will perform an assessment of your organization’s current security and privacy practices against relevant accepted security and privacy standards.

Program Overview

Unlike other assessments (vulnerability assessments, penetration tests), a Pathfinder audit is meant to support a rapid identification of the current security state of your network, and ensure that cost-effective remediation can be started as quickly as possible.

Benefits

Knowledge

Obtain an objective assessment of your current security and privacy state

Responsibility

Demonstrate due diligence and fiduciary responsibility to clients, partners, and employees

Compliance

Comply with Federal and industry regulations; meet audit requirements

Evaluate

Receive a full identification and evaluation of your organization's critical networks, systems, and data
