Security Solutions
vSEC has deep expertise evaluating and building security programs and controls for companies in many industries.
Compliance
vSEC uses security frameworks and standards to review and improve client security. Formal controls can demonstrate compliance with security standards and with regulatory guidelines.
Privacy
Privacy policies are closely linked with security controls, and vSEC works closely with privacy experts to help clients implement effective privacy practices.
How It Works
You need confidence that your critical systems and confidential data are safe. vSEC helps firms develop and manage their cyber security programs so they can protect their business and meet regulatory standards for security.
vSEC applies decades of security experience to create, assess and improve security programs for large, medium and small organizations. We provide guidance to boards, senior executives and security officers, using our business and security knowledge to help them identify and better manage their organization’s security priorities.
Tackle Urgent Priorities
Many companies first think about cyber security when they have a suspected breach, pending audit, or client demands for security certifications. We can help.
Understand Company Goals
Make sure the ‘CIA’ (Confidentiality, Integrity, Availability) goals focus on what is most important for the company.
Review Current Security Policies and Controls
Understand current security controls and risks. This may include a cyber risk assessment.
Establish Target Risk Profile
Work with executives to set a target risk profile and security maturity level appropriate for the business.
Roadmap
Develop a multi-project plan to achieve the cyber risk target.
Revise Policies and Controls
Anyone can download general policies; we design policies to reflect how your business actually operates.
Implement and Monitor
Procedures and tools are required to make policies and controls work, and these need to be monitored for effectiveness and revised as needed. A policy has no value unless it is implemented.
Virtual CISO Security Consulting Services
Many organizations cannot find or do not need a full-time 15+ year experienced Chief Information Security Officer. vSEC offers security advisors, known as Virtual CISOs, to provide long-term leadership and support for a client’s security program. In addition to our own expertise, we work with a network of established CISOs and security vendors who provide specialized services including penetration testing, security training programs, software development reviews and security operations services.
Why Choose Us
Many organizations cannot find or do not need a full-time 15+ year experienced Chief Information Security Officer. vSEC offers security advisors, known as Virtual CISOs, to provide long-term leadership and support for a client’s security program. In addition to our own expertise, we work with a network of established CISOs and security vendors who provide specialized services including penetration testing, security training programs, software development reviews and security operations services.
About vSEC
vSEC's focus is to provide its clients with top level security guidance to protect their organization and to meet their business goals.
Cyber Facts
7 Months: For a breach detected in 2019, on average the breach occurred 7 months earlier.
90% +: of malware attacks are through email. Security awareness training is critical.
85% + : Ransomware, funds transfer losses and email compromise attacks are over 85% of cyber insurance claims in 2020.
‘CIA’ : Cyber security focuses on protecting the Confidentiality, Availability and Integrity of a company’s systems and data.
Our Trusted Partners
vSEC is product agnostic, and we recommend solutions appropriate for our clients’ needs. We do have preferences for service providers, having worked closely with several for many years.
- G-Sharp
- Kudelski
- onShore
- SentryBay
- RedEchoes
- KnowBe4
- Covenant
- Jemurai
- Cyvatar
Our Aspioneer
Driving Businesses Towards A Secure Digital Future
Securing cyberspace is unquestionably one of the most pressing issues confronting businesses today. The aggregate of businesses transforming digitally has grown exponentially in the past decade. While information technology has proved a blessing for many business sectors, it also created risks for the security of organizations’ systems and digital data. These systems and data are the biggest asset for many companies, which makes their entire businesses vulnerable to cybercriminals and cyber-attacks.
Our projects
You need confidence that your critical systems and confidential data are safe. vSEC helps firms develop and manage their cyber security programs so they can protect their business and meet regulatory standards for security.
Common projects include:
- Perform a security risk assessment
- Create or review security policies
- Review an existing security program
- Implement and support a Third Party (vendor) Risk Oversight Program
- Review and improve an Incident Response Plan
vSEC has created a self-administered survey to help commodity and futures industry firms better understand the coverage of their current security policies and controls compared to those identified in NFA Notice 9070. Click this link to get started.
January 2020. Mike Phillips’ presentation at John Lothian’s MarketsWiki Education Series that was tailored to fostering and encouraging new talent into the field of cyber security. Mike talks about his career in the financial and information security industries, and how to protect yourself from common cyber security threats. Mike shared his professional and personal career perspective to the audience which included industry professionals, interns, recent college graduates and Greenwood Project participants.
