A vCISO helps the organization take charge
Managing highly visible malware incidents can challenge any organization. Many healthcare organizations lack
highly expert senior-level cybersecurity staff, making the task even more considerable. In the wake of a malware
incident, this organization turned to Unit 42 to serve as a vCISO to identify and manage risk as well as provide extensive
communication assistance to customers, attorneys, and regulators, giving status updates on remediation measures
implemented to mitigate risk.
The vCISO immediately took charge of the organization’s internal cybersecurity team, performing the role of the chief
information security officer. The new vCISO was responsible for collaborating with internal business groups to develop
a robust information security program, authored a multiyear cybersecurity roadmap of tactical initiatives, and built a
short- and long-term budget to support these initiatives.
During the engagement, the vCISO became a trusted advisor to the corporate executives and, ultimately, the board of
directors, providing a highly effective communication function internally, externally, and up the chain of command.