CASE STUDY:
Fractional CISO Services and Affordable Security Operations and Monitoring
BRIEF:
An undergraduate college had grown to the point of needing a CISO but was blocked by the typical cost of security talent.
ROLE OF MAX2:
Conduct an initial security assessment to determine regulatory compliance and security posture of the institution.
Provide a dedicated resource to serve as the college’s CISO who could manage projects arising from the assessment.
Implement a Security Operations Center as a Service for ongoing monitoring of logs and the resulting actions identified.
WHAT WAS DELIVERED?
A full assessment of cyber posture at the college encompassing students, faculty, and staff access, knowledge, and requirements. Also including a full review of technology and tools in place and any gaps identified along with policy review and gap analysis.
Augmentation of staff at the college with an experienced CISO otherwise unaffordable with current budget constraints.
Selection and implementation of a vendor to provide log monitoring and alerts to the newly placed CISO and the senior network team.
OUTCOME:
The undergraduate college was able to add a qualified CISSP to their team without the typical cost. The new CISO was able to conduct ongoing assessments and aid in managing security projects, including the implementation of log monitoring and alerts.