Virtual Information Security Office

Information security is a key business risk that every organization needs to address. Are you prepared?

Does your organization struggle with hiring and retaining information security professionals?

Security compliance requirements are increasingly complex. Cyber threats continue to evolve and organizations are not as well prepared to handle these sophisticated cyberattacks. Organizations that host or maintain valuable information, such as personally identifiable information, are often specifically targeted by cyber criminals for financial gains.

Dean Dorton’s information security office (ISO) provides a team of experienced information security professionals who can augment your organization’s information security team or take the lead in designing, implementing, and maintaining a strong information security program on your behalf.

In addition, Dean Dorton’s ISO offers a variety of services to assist your organization as little as you want or as much as you need to continuously strengthen your information security program, so you can focus on your core business.

Steps to Producing a Successful Information Security Office

1  Security Program Maturity Review

We’ll provide a baseline of the current state of your information security program. We’ll review each of the following security domains and rank them on a maturity scale:

  • Information security management and culture
  • Information security planning
  • Compliance, audit, and accreditation
  • Budget and resources
  • Security awareness training and user education
  • Life cycle management
  • Incident response
  • Security controls
  • Cyber insurance review and compliance

2  Security Roadmap

The goal of the roadmap is to provide a crisp picture of your cyber risks and to clearly communicate what your organization needs to do to mitigate these risks going forward. The roadmap is often a combination of tactical items that need to be fixed right away and strategic items identified through the security program maturity review.

3  Security Program Management

Our team of information security professionals will ensure that your information security program is successfully designed, implemented, and maintained. We offer a comprehensive line of security program management services, or you can select individual a la carte services.

  • Security risk assessments: We’ll leverage the output to update your security roadmap.
  • Security policies and procedures: We’ll create or update these procedures to support your efforts in maintaining a mature program.
  • Security awareness program: We partner with KnowBe4 to offer a comprehensive security awareness solution.
  • Security monitoring: We’ll perform a high-level review of existing reports to ensure that processes are in place for proper security event escalation and response.
  • Technical security solutions: We’ll implement security controls to minimize the risk of unauthorized access to confidential information.
  • Incident response: We’ll provide expert opinion to prepare for an incident or to assist with the containment and remediation of the incident.
  • Security reporting: We’ll provide you with a scorecard that contains a high-level summary of where your information security program stands, your key risks, and education on the short- and long-term improvement opportunities.

Quick Contact

Send us your name, email, and phone, and a Dean Dorton representative will contact you.