No current events.

Tweets

Employees Ignore #SocialMedia Policies, Play “FarmVille” on Company Time [STUDY]: http://bit.ly/cjpWxR
RSA: Banking trojan uses #social network as command and control server http://bit.ly/9xujDi #security
http://bit.ly/cVl1mr Hospital: files with personal, medical data on 800,000 gone ->#HIPAA violation
RT @SantaRosaHealth: CMS Lightens Meaningful-Use Requirements for #EHRs http://bit.ly/bLmYtR #ARRA #HITECH
Fla stolen laptops: Its nice the know the #CCTV worked really well to watch thieves steal laptops for over 9 hours! http://bit.ly/d04PFk
TemporaryCSO
Problem

 

Many organizations have IT handling the security function without dedicated security guidance. Or your company may not need a full time Chief Security Officer or may not have the budget for it currently. A Chief Security Officer can be very expensive to have in-house. Even a dedicated CSO often has other responsibilities thrust upon them, diluting their security role. With an external CSO, you can have dedicated guidance at a fraction of the cost.

Solution

We can provide that gap coverage in our TemporaryCSO offering. Key responsibilities we can provide with a Temporary CSO include overseeing and coordinating security efforts across the company, including information technology, human resources, communications, legal, facilities management and other groups, and identifying security initiatives and standards. We will be your trusted resource to manage your security organization, bringing real world experience on a temporary basis until you are ready to hire a full time CSO.

The CSO will define and communicate policies, procedures, and standards throughout the organization, as well as determine the corporate vision for IT Security and Data Privacy and provide leadership to accomplish the business goals. Our TemporaryCSO will work in close collaboration with management to facilitate, shape and sustain an information security approach that is integrated with business strategy and help sustain the various business lines.

 

This is a critical role with responsibilities and accountabilities that include:

  • Protecting information assets against any potential threats and vulnerabilities that could impact the confidentiality,
  • integrity and availability of information
  • Establish Information Security strategy, policies and architecture to facilitate business requirements and recommendation of controls
  • Develop and delivery of Information Security Awareness Program to Senior Management and gain commitment to initiatives
  • Program and Workforce management including employees, contractors and vendors
  • Knowledge of technological trends and developments in the area of information security and risk management
  • Strong knowledge and experience of risk management methodologies and tools
  • Knowledge of information security audit guidelines
  • Experience with establishing and managing large project RFPs, contracts and vendors
  • High level of personal integrity and professionalism to handle confidential matters and execute the appropriate level of judgment and maturity
  • Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals

How the Process Works

 

We will first do an analysis of your organization and provide baseline security guidance and requirements. We will review all projects and business functions and provide steps to move towards a secure posture. We will attend all key business strategy sessions and contribute to the overall business goals. Weekly or monthly status reports can be generated and key performance indicators can be used to track the progress of the security environment.

 
 

PCI ASV Scan

 

Contact Us: (Antispam Question- What is 1+1?)
Name
Phone
Email
Company
Interest

right_banner1

 

©2009 KRAA SecurityTM All Rights Reserved. Hospital Security | HIPAA Training | HIPAA Security | Physical Security Consulting

Resources | Privacy Link info@kraasecurity.com