Virtual CISO
Cybersecurity and risk management for your credit union, minus the overhead.
Why use a Virtual CISO?
The scale and complexity of cybersecurity threats are increasing exponentially, while budgets are increasingly challenged. Competition for expert resources is at an all-time high.
Keeping up with cybersecurity assessments, risk assessments, scanning reports, firewall reviews, phishing reports, penetration testing reports, security policy reviews, vendor security assessments, and governance planning (just to name a few) is burdensome and can be overwhelming.
The Virtual CISO team at Ongoing Operations manages your cybersecurity program to be sure it is adequately protecting your credit union and your members’ data while meeting all NCUA and FFIEC compliance requirements.
The Value of Leveraged vs Dedicated Resources
As the threat landscape in cyber activity evolves, your Information Security practices need to keep pace.
Our named resources work with credit unions of all sizes across the United States, with a continuously improving playbook of best practices that is constantly “learning” from a large community of clients.
Because our team represents our clients before auditors and regulators with unparalleled frequency, aligning your operational practices to regulatory requirements becomes more efficient and, most importantly, minimizes disruption to your business.
The best of both – Dedicated Team at a Leveraged Cost
Ongoing Operations will assign you a named information security expert to lead your cybersecurity program, with a dedicated team supporting and managing it.
Your Virtual CISO will become intimately familiar with your Credit Union, your staff, and your cybersecurity program.
This allows the Virtual CISO to act as a member of your staff and help you build the best possible cybersecurity program for your credit union.
With a virtual solution, Ongoing Operations helps de-risk organizations from losing their investment in a dedicated CISO to growing demand and wage pressures for this highly coveted skill set.
Solutions scoped and priced for your credit union.
As a CUSO, Ongoing Operations knows that not all Credit Unions are built the same. Our CISO programs are scoped to meet your needs and requirements based on your credit union’s size and priorities.
What does a Virtual CISO do?
The Ongoing Operations Virtual CISO begins with a comprehensive Information Security Program Assessment. This assessment sets a baseline and identifies the gaps and priorities as we build your cybersecurity program. We work with you to understand why processes have evolved in certain ways and look for solutions that reduce the scope of your exposure, with the goal of lessening the overall cost and burden of regulatory compliance.
We will assess:
- Financial, reputational, and regulatory risk exposure to data loss
- Comparative risk to peer organizations of a similar operation/scale
- Risk assessment and risk profile of third parties
- Alignment with security best practices and protection against known threats
- Protection against emerging threats (e.g. social networking, crimeware, advanced persistent threats)
- Scope of exposure to regulations such as the Data Protection Act, Financial Services Authority and Payment Card Industry Data Security Standard, using a data-centric approach that analyzes data flows, repositories, people, processes and third parties to ensure that your security program has a solid grounding
- Where your data resides and why it needs protecting
We provide a report to serve as a baseline for your project moving forward to enable you to re-scope, re-architect, and reduce exposure where appropriate.
The Ongoing Operations virtual CISO then works with your executive team to adopt an appropriate security posture for your credit union and lay out the plan to develop and mature your cybersecurity program.
Once started, the Ongoing Operations Virtual CISO provides ongoing senior-level presentations of your credit union’s security posture and plans for the future to your organization. This keeps your key stakeholders, board, and NCUA examiners informed and up to date on your credit union’s progress.
Weekly, Quarterly, and Annual Tasks
In addition to managing the ongoing improvement of your cybersecurity program, the Virtual CISO also maintains the weekly, quarterly, and annual tasks of a CISO such as:
Reporting
Ongoing quarterly assessments and reports of credit union security program.
Security Tool analysis and best practice guidance
Independent reviews and analysis
An independent review and analysis of audit and assessment reports, assisting with prioritization of key issues, and reporting on the following:
- IVA Scan reports
- EVA Scan reports
- SIEM reports
- AV reports
- Asset Reports
- Firewall Reviews
- IDS reports
- IPS Reports
- Phishing reports
- Penetration Test Reports
Ongoing security configuration reviews
- Office 365
- Server and workstations
- Web filtering
- DLP
- Firewalls and more
Security policy & procedure reviews
Policy & procedure creation
Security policy and procedure creation in line with NCUA / FFIEC requirements and best practices
3rd party vendor security assessments
Skills and regulation assessments
Assessment of the information security skills of your personnel, and maintenance of a governance plan consistent with your credit union’s Information Security Program, best practices and applicable regulations
Our Areas of Technical Expertise
Ongoing Operations Virtual CISOs are experts in FFIEC, NCUA and GLBA requirements.
However, we are also experts in the practical technology that allows credit unions to meet, mitigate and manage these compliance requirements, including:
- Network Segmentation
- Secure Architecture and Configurations
- Encryption and Tokenization
- End-to-end and point-to-point encryption
- Holistic anti-malware and rootkit detection
- Secure Messaging, MDM, Anti-Malware, EDR, Anti-SPAM, DLP, Archiving/Journaling
- Application security
- Access control and privilege auditing
- Security Information and Event Management (SIEM), file integrity monitoring (FIM)
- Intrusion Detection and Prevention (IDS/IPS)
- Incident response, risk assessment and security policies and process
Goal setting. Continuous review.
Let Ongoing Operations support your credit union’s Information Security Program with KPIs focusing on programs like:
Patch Management Program
A healthy, well-functioning patch management program is one of the foundational pieces to mitigating risk and vulnerabilities in a Credit Union network. These KPIs provide a measurement to validate that devices are up to date and that the system is operating as expected.
Anti-malware Program
Anti-malware software helps to protect our information systems and data by preventing malicious programs from running. A healthy program ensures that all servers, workstations, and laptops have current, updated anti-malware software installed.
Security Information and Event Management (SIEM)
A Security Information and Event Management (SIEM) system collects logs from our information systems and devices and analyzes them for potential security threats. With the massive amount of log data generated, an automated system enables an efficient review of the logs. Having the logs centrally stored also allows the credit union to investigate security incidents and track malicious activity through the environment.
Security Incident Response
With this set of KPIs, we want to evaluate the effectiveness of our Security Incident Response process and team as it relates to Severity 1 and 2 incidents.
Change Management
Change management is a key part of information security and reducing new risks being introduced to the environment.
Vulnerability Management
Finding and managing vulnerabilities in our information systems is a key way that we protect our member data. It is important for managing risk that we understand what vulnerabilities are unmitigated on our networks and the potential impacts of those vulnerabilities. We also need to ensure that our processes and procedures for mitigating vulnerabilities are healthy and working as expected.
Training and Testing
Our credit union employees are one of the best lines of defense for protecting our member data. Frequent training, awareness and testing helps ensure that security is part of our culture and an important part of everyone’s daily routine. Identifying those behaviors that we want employees to engage in as well as the ones we want them to avoid is an important part of our security program.
Virtual CISO A-la-Carte Services
Ransomware Risk Assessment
Provides insight into the state of controls that can help prevent business disruption due to a ransomware attack.
General Information Security Assessment
Overall review and report on your ability to protect member data
Office 365 Security Assessment
Review and report of your current O365 security configuration and settings.
Bring Your Own Device (BYOD) Risk Assessment
Review and report of your BYOD policies, troubleshooting access, configurations, technology and risk.
Firewall Best Practices and Rule Review
We will perform a review of your firewall configuration to help ensure that your perimeter is secure and that your firewall is configured with best practices.
Sensitive Information/PII Assessment
We will perform a scan on your servers, laptops, and workstations to help you identify the location of PII/NPI, card data and other sensitive information on your network. We will analyze the data and provide you with recommendations to reduce your risk of disclosure of that information.
Remote Working Comprehensive Security Assessment
Has the pandemic forced you to create a flexible work environment at your credit union? No problem.
Our security team can complete an in-depth evaluation and report of your credit union’s remote work program, covering six key areas:
- Policy
- Technical Architecture
- Security Controls
- BYOD (Bring Your Own Device)
- Governance
- Training
Upon completion of the evaluation, we’ll provide the following deliverables:
Ongoing Operations Remote Work Scorecard, which evaluates your credit union in the six key areas.
Report of your remote work program, including:
- Detailed gap analysis for each of the six key areas
- Gap analysis against the NCUA guidance – Cybersecurity Considerations for Remote Work
- Remediation guidance for all gaps identified in the assessment
- Prioritized action plan to reduce credit union risk