An on-hand, trusted advisor to help you on your cyber security journey.
Having a Cyber Security Subject Matter Expert as a full-time employee could prove to be prohibitively expensive, especially in a smaller business where they may not be fully utilised. CND offers a service for an on-demand ‘virtual’ Chief Information Security Officer (vCISO), where the level of engagement is tailored to your business needs and to your budget.
Your vCISO can undertake a variety of activities, as determined by a preliminary scoping of the role - from responding to your questions and security issues to conducting onsite visits, attending meetings and delivering briefings.
Similar to our vCISO service and in response to the CAA Cyber security oversight process for aviation - CAP1753 we offer the virtual Cyber Security Responsible Manager (vCRSM).
Our vCSRM will work for the airport's Accountable Manager to assist in the preparation for the achievement of their cyber security compliance when audited, Our vCSRM will scope the critical systems as per CAP1849 and ensure that the fourteen principles which are spread across the four broad objectives are being met as defined within CAP1850.
CND are working towards becoming a CAA ASSURE Certification Body.
The CND virtual CySO (vCySO) is onhand to provide the necessary advice and guidance as an appropriate professional cyber security resource where a ship company employee is nominated as the actual CySO.
"The person or persons tasked to manage and coordinate the cyber security of a ship"
The maritime Cyber Security Officer (CySO) is responsible for all security aspects of cyber-enabled systems on the ship, i.e. both the IT, OT and communications systems. The CySO maintains awareness of legal and regulatory changes that could affect the cyber security of ship assets and where necessary, make adjustments in policies, processes and procedures to comply with those changes. Ensuring the development, periodic review and maintenance of the Cyber Security Assessment and the Cyber Security Plan.
"Where the CySO has insufficient knowledge of all cyber security issues and solutions, they should seek specialist cyber security advice from an appropriate professional source"