This content is restricted to site members. If you are an existing user, please log in. New users may register below.
With a current total cash compensation ranging from $208K to $337K, hiring a chief information security officer (CISO) may not be in the budget for small or midsize organizations, especially those that aren’t heavily regulated. At the same time, these organizations recognize the growing importance of being more strategic and the necessity of having a leader responsible for program creation and guidance. “The good news for such organizations is that Gartner has seen an uptick in what we are calling ‘virtual CISO’ offerings,” says Jeffrey Wheatman, VP Advisor . “For organizations that need to fill the need for leadership but are not in a position to bring in a full-time and often very costly qualified CISO, the virtual CISO — a combination of staff augmentation, consultant, advisor and strategist — might be an option.” Read more: Gartner Top 10 Security Projects for 2020-2021 At the most basic level, virtual CISO offerings are a hybrid of: Traditional staff augmentation, involving an on-site or virtual presence in meetings, events, operations and strategy planning Consultative engagement and management to drive creation and implementation of security and risk program artifacts, such as strategic and tactical roadmaps, architecture and policy, and to run risk management