Global software company contracts for Virtual CISO



Client was facing a key decision that would affect the cloud transformation of a software product. Unsure of the costs, risk, or regulatory burdens introduced by the new model, they needed assistance from a seasoned security professional that could provide fact-based guidance on how best to achieve the security goals of the project. The organization was also looking to improve the implementation of some of their foundational security practices.


OnX assigned one of its virtual CISO consultants to the project. The consultant provided a variety of material assistance, first outlining the risks and benefits of several approaches to secure the cloud infrastructure and assets, considering existing and future regulatory compliance requirements. Next, the team collectively reviewed the organization’s overall security strategy, determining areas of priority given the threat landscape for the technology sector. Finally, the consultant helped reinforce the organization’s risk management practices, performing an objective risk assessment, comparing findings, and establishing a formal risk tracking solution for the organization to use going forward.


Client’s security posture is now far stronger. In following the strategy and executing on the projects selected, the organization’s computing environment is less vulnerable to attack. An inventory of business risk is regularly reviewed and control objectives to mitigate the risk are built and maintained by a skilled team. The cloud transformation effort is well underway with successful outcomes continuing to surface.