Levi, Ray & Shoup, Inc.

LRS’s security experts provide guidance on issues such as risk management, policy development, user awareness and training, regulatory compliance, audit preparation etc., most commonly through our vCISO engagement. A tailored set of services can be developed for your specific needs, ensuring a right fit for you.

Strategic-Consulting-1-Left.png
Strategic-Consulting-2-BG.png

LRS Virtual CISO Program - Total Information Security for Your Business

In today's digital landscape, protecting sensitive information and assets is essential for the success of any business. Unfortunately, many organizations lack the resources or expertise to develop and maintain a robust information security program. That's where the LRS Virtual CISO program comes in.

Our program provides organizations with a cost-effective solution for enhancing their information security posture. Our team of experienced security professionals offers a comprehensive approach to information security, including risk assessment, security architecture design, security strategy development, and ongoing security management.

Our Virtual CISO program is tailored to meet the unique needs of each individual client. Our experts work closely with your team to understand your business goals, operations, and risk profile, and develop a customized security plan that is tailored to your organization.

Strategic-Consulting-2-Right.png

 

LRS's Virtual CISO program provides numerous benefits to your organization, including:

  • Access to a highly skilled and experienced security team, without the cost of hiring and maintaining an in-house team
  • Customized security solutions that fit your organization's specific needs and requirements
  • Proactive security management that stays ahead of the latest security threats and vulnerabilities
  • Increased operational efficiency, as our experts identify and mitigate potential security risks before they become a problem

Information security is a constantly evolving landscape and staying ahead of the latest threats and vulnerabilities requires a dedicated and experienced team. Choose LRS's Virtual CISO program, and rest assured that your sensitive information and assets are in good hands. Contact us today to learn more about our program and how we can help secure your organization.

Strategic-Consulting-2-Right.png
Strategic-Consulting-3-BG.png

Virtual CISO

Learn More

LRS vCISO Program Tasks

Not only are LRS vCISO tasks customizable, based on the client’s needs, your organization is getting access to an entire security team.

Here are just a few examples of the tasks that LRS can include in your customizable VCISO Program:

TaskDescription
Vulnerability Management ProgramDevelop implementation and test plans for vulnerability management.  Track progress monthly.
Change Control Process DevelopmentCreate policies and procedures for change management.  Ensure that change requests are completed, approved, and retained for all system changes in the environment.
Internal and External Vulnerability AssessmentsAssess public-facing and internal systems for known vulnerabilities.  Provides scoring of vulnerabilities with remediation plans.
Creation and review of Directives Documents - (Policies, Standards, Procedures)Review or author security policies necessary for the environment.  Policies will align with NIST framework, compliance mandates, or any regulations that may dictate specific behaviors or activities.
NIST Framework AlignmentReview NIST CSF assessment results and monitor/update improvements in security controls.
Maintain Security Service CatalogDevelop and maintain a comprehensive listing of organizational security controls.
Monitor Security PostureMaintain and update Capability Maturity Model documentation.
Security ReportTechnical analysis, documented deficiencies, executive summary.
AD Security AssessmentReview Active Directory design and security configuration.  Develop Corrective Action Plan and remediate findings.
Develop Data MappingIdentify data locations and map the transfer of data within the organization.  Update results on a quarterly basis.
Firewall AssessmentReview firewall configurations for loose rule sets, improper configurations, unused access control lists, etc.
Risk AssessmentsReview existing RA documentation, update, or conduct assessments and provide reporting.
Cloud Security AssessmentReview cloud service providers and services for appropriate security controls
Review Incident Response plansReview or develop IR plans relevant to organization’s needs.
Board ReportTechnical analysis, documented deficiencies, executive summary.
Penetration TestingIdentify weaknesses in technology or physical environment that could lead to compromise by a bad actor.
NIST Security AssessmentPerform assessment of security controls utilizing the NIST Cyber Security Framework.  Results will be used to drive security controls’ improvement throughout the year.