Call us on 03450 21 21 51

VirtualCISO: the philosophy of product development
The SRM Blog

VirtualCISO: the philosophy of product development


Written by SRM

30th September 2016

Share this article

The Dalai Lama said: ‘When you talk, you are only repeating what you already know. But if you listen, you may learn something new’. It is, of course, doubtful that he was thinking of the world of information security when he came up with these words of wisdom, but they can and do apply to all of us involved in this constantly evolving industry. And nowhere more so than in the sphere of product development. After all, coming up with a product or service because it makes sense to the developer is a bit like repeating what you already know. Whereas, working on a new service with major input from existing clients, responding to a genuine gap or problem, will in turn meet a genuine need.

That is how SRM set about developing its VirtualCISOTM service. As an organisation, we do not sell products or impose structures on clients; we work with them. And through this approach, we build good working relationships based on a thorough knowledge of their businesses and the understanding that we are there to support, guide and facilitate them in achieving their goals. Our consultants never sell services or products their clients do not need. In short, they don’t talk; they listen.

So it was a natural development when our consultants were increasingly hearing requests from Chief Information Security Officers (CISOs) for support with their roles. At one end of the spectrum are those who simply want the whole problem effectively managed by an expert team. Others, for example, know what they need but want strategic guidance for long term plans or support in the board room. Because as the world of cybersecurity becomes increasingly challenging, so has the role of CISO. In blunt terms, the buck stops with them and that is particularly daunting when that individual is to be held accountable for any single breach of the company’s defences.

Through collaboration and listening we know that the challenges faced by different CISOs varies. But by pooling the accumulated wisdom of their collective experience, as well as the knowledge of our highly experienced consultants, we are developing a service which will provide users with an unrivalled resource to address specifically identified existing problems while also enabling them to pre-empt potential future issues.

After a development phase lasting many months, we are delighted to be able to say that the VirtualCISOTM will soon be launched to a wider market. We have worked with, listened and responded to the needs of all types of business: large corporates, SMEs and micro businesses as well as national government, health and educational institutions. And while their specific requirements may vary, the VirtualCISOTM has been developed to be flexible and responsive to this wide range of need.

Look out for an announcement at the beginning of Q4 2016 that the VirtualCISOTM is live. If, in the meantime, you would like to be involved with the last stages of product development or have any specific questions, please contact us.

Back to top