Virtual CISO (vCISO)

Our vCISO services provide the expertise needed to achieve the right level of security for your company. Working on a part time or project basis, our vCISO services can have a major impact on your program.


Real World CISO Experience

With extensive CISO experience between the Fortune 1000 and start-up worlds, we bring the depth and breadth of industry knowledge and professional relationships necessary to up level your security strategy.

Customized Approach

We believe that the security program should be tailored to your business and that your security strategy should adapt over time to align with business objectives and a changing risk landscape. Our risk-based approach will provide solutions specific to your business.

Trusted Advisor

While we maintain strong industry ties, we do not recommend products or services based on vendor partnerships unbeknownst to you. We will make recommendations based on what is best for you.



Service Offerings

The Fractional CISO will help you build your security program over time at your own pace until they are no longer needed. The service is ideal for customers that may not be ready for a full time CISO, have a temporary gap in security leadership, or want additional support for their existing security leader. The retainer service includes a monthly bucket of hours to draw from for an annual fee based on the number of hours needed per month.


Full Suite of CISO Coverage

Hours can be scheduled per the customer’s needs and cover any topics required.

Examples include:

  • Addressing cyber security risks of planned mergers and acquisitions
  • Reviewing risks associated with changing business models, including adequate data protection for sensitive data and operating in new jurisdictions
  • Identifying customer’s greatest concerns and your company’s greatest risks
  • Balancing cyber security and privacy
  • Creating board materials preparation and presentation
  • Developing program metrics, including KPIs
  • Supporting incident response situations
  • Compliance strategy, including SOC 2

Having a good security program is a journey. Wherever your program is today, you need to plan for the future. We can review your current security program through the lens of your business objectives and apply a risk-based approach to security that will provide you with the right-sized security strategy for your company.


Project Prioritization RoadMap

Review your current security profile to identify targeted, improvement opportunities based your company’s cyber risk profile. The roadmap will also provide a framework for on-going assessment of your cyber security landscape that can be used to understand the security impact of changes to your operating environment over time.

Security Program Improvements

Develop changes to the people, processes, and technology of your current security program to support future growth of the program and align with new business goals. Specific areas of improvement would be identified as part of a roadmap project or may already be known within your organization.

Are customers starting to ask security questions that you’re not prepared to answer?  Are deals not closing as quickly as you’d like due to customer security concerns? We can provide you with the short-term tools to answer security queries efficiently while building a longer-term plan to meet customer expectations based on your industry and regulatory requirements.


Sales Support

Create a process to enable a faster sales cycle in the near term, including:

  • Communicating your security stance with customers
  • Standard contractual terms and handling one-off customer requests
  • Responding to customer security questionnaires
  • Creating customer facing documentation

Building a Plan

Identify future security goals to support the markets and customers you want to reach, including:

  • Regulatory and compliance approach
  • Anticipating customer security expectations

Eric Etherington

CISSP, CISA, MBA vCISO, Practice Lead

Eric Etherington joined Cadence in 2020 and leads our vCISO practice. Previously at Dolby Laboratories, Inc. and Uber Technologies, Inc., Eric built foundational programs and teams that were successful in securing the business and enabling future growth. As a strong proponent of a risk-based approach to security, Eric is adept at identifying key areas of focus to maximize spend for risk reduction while creating the flexibility necessary to meet changing business objectives.

eric@thecadencegroup.com

415.244.1157

Join the Cadence Team

We take great pride in offering a large degree of flexibility to our employees by hiring independent professionals who can manage themselves.

View Open Positions