Levi, Ray & Shoup, Inc.

LRS’s security experts provide guidance on issues such as risk management, policy development, user awareness and training, regulatory compliance, audit preparation etc., most commonly through our vCISO engagement. A tailored set of services can be developed for your specific needs, ensuring a right fit for you.

vCISO engagement
Strategic-Consulting.png

LRS Virtual CISO Program - Total Information Security for Your Business

In today's digital landscape, protecting sensitive information and assets is essential for the success of any business. Unfortunately, many organizations lack the resources or expertise to develop and maintain a robust information security program. That's where the LRS Virtual CISO program comes in.

Our program provides organizations with a cost-effective solution for enhancing their information security posture. Our team of experienced security professionals offers a comprehensive approach to information security, including risk assessment, security architecture design, security strategy development, and ongoing security management.

Our Virtual CISO program is tailored to meet the unique needs of each individual client. Our experts work closely with your team to understand your business goals, operations, and risk profile, and develop a customized security plan that is tailored to your organization.

LRS Virtual CISO Program

 

LRS's Virtual CISO program provides numerous benefits to your organization, including:

  • Access to a highly skilled and experienced security team, without the cost of hiring and maintaining an in-house team
  • Customized security solutions that fit your organization's specific needs and requirements
  • Proactive security management that stays ahead of the latest security threats and vulnerabilities
  • Increased operational efficiency, as our experts identify and mitigate potential security risks before they become a problem

Information security is a constantly evolving landscape and staying ahead of the latest threats and vulnerabilities requires a dedicated and experienced team. Choose LRS's Virtual CISO program, and rest assured that your sensitive information and assets are in good hands. Contact us today to learn more about our program and how we can help secure your organization.

LRS Virtual CISO Program
virtual CISO

Virtual CISO

Learn More

LRS vCISO Program Tasks

Not only are LRS vCISO tasks customizable, based on the client’s needs, your organization is getting access to an entire security team.

Here are just a few examples of the tasks that LRS can include in your customizable VCISO Program:

Task Description
Task Vulnerability Management Program Description Develop implementation and test plans for vulnerability management.  Track progress monthly.
Task Change Control Process Development Description Create policies and procedures for change management.  Ensure that change requests are completed, approved, and retained for all system changes in the environment.
Task Internal and External Vulnerability Assessments Description Assess public-facing and internal systems for known vulnerabilities.  Provides scoring of vulnerabilities with remediation plans.
Task Creation and review of Directives Documents - (Policies, Standards, Procedures) Description Review or author security policies necessary for the environment.  Policies will align with NIST framework, compliance mandates, or any regulations that may dictate specific behaviors or activities.
Task NIST Framework Alignment Description Review NIST CSF assessment results and monitor/update improvements in security controls.
Task Maintain Security Service Catalog Description Develop and maintain a comprehensive listing of organizational security controls.
Task Monitor Security Posture Description Maintain and update Capability Maturity Model documentation.
Task Security Report Description Technical analysis, documented deficiencies, executive summary.
Task AD Security Assessment Description Review Active Directory design and security configuration.  Develop Corrective Action Plan and remediate findings.
Task Develop Data Mapping Description Identify data locations and map the transfer of data within the organization.  Update results on a quarterly basis.
Task Firewall Assessment Description Review firewall configurations for loose rule sets, improper configurations, unused access control lists, etc.
Task Risk Assessments Description Review existing RA documentation, update, or conduct assessments and provide reporting.
Task Cloud Security Assessment Description Review cloud service providers and services for appropriate security controls
Task Review Incident Response plans Description Review or develop IR plans relevant to organization’s needs.
Task Board Report Description Technical analysis, documented deficiencies, executive summary.
Task Penetration Testing Description Identify weaknesses in technology or physical environment that could lead to compromise by a bad actor.
Task NIST Security Assessment Description Perform assessment of security controls utilizing the NIST Cyber Security Framework.  Results will be used to drive security controls’ improvement throughout the year.