Taking vCISO to New Heights with CySO | The Cyvatar Platform

Taking vCISO to New Heights with CySO | The Cyvatar Platform

  Cyvatar | 06/03/2021

By Stephanie Simpson, VP of Platform Management 

In my last blog, I introduced the platform’s new executive dashboard for cybersecurity, designed to deliver important and valuable cybersecurity business insights that matter to you and your execs.

Today, I am pleased to announce another feature release for the Cyvatar platform: CySO. CySO is the tool that powers Cyvatar’s vCISO solution. Before I delve into the features, I’ll give you a little background on our vCISO solution from our founder and former CISO…

“I was a CISO for 20 years and was most successful at developing tools, techniques, and expertise to help me solve problems as I moved up the ladder. Founding Cyvatar has given me the ability to share my best-kept secrets with our members to enable their cybersecurity success!”

Craig Goodwin, Cyvatar Co-Founder & Chief Product and Strategy Officer

If you know your business needs a better cybersecurity direction but you’re not financially or logistically ready to hire your own CISO, vCISO is an efficient and productive alternative until you are ready to hire internally.

vCISO handles all the responsibilities of an internal CISO, working with your executive team and internal functions to lead them toward a continuously secure state.

Your Cyvatar vCISO helps build trust with your customers and shareholders by developing security questionnaire responses, representing your strategy to external stakeholders, building robust presentations, constructing security plans quickly and cost-effectively, providing guidance for compliance standards, and much more.

Get the details on the vCISO solution.

New Platform Feature:
vCISO, Powered by CySO!

Now that you’re familiar with vCISO and how it can help your business, let’s talk about how Cyvatar is taking the traditional vCISO to new heights with CySO. CySO is a new Cyvatar platform feature that includes two tools: Cyvatar Trust Builder and policy manager, to support and automate your vCISO experience.

New Tool: Trust Builder

Trust Builder CySO

We hear from many businesses that need to streamline security questionnaires to build trust and confidence with their customers when it comes to cybersecurity strength. Security questionnaires are tedious, which is why our new Trust Builder feature allows you proactively to share your cybersecurity program information with customers and other key stakeholders.  

Trust Builder provides your business with a dynamic and customized cybersecurity summary that includes executive-level insights that matter to decision makers and stakeholders, giving them confidence in your cybersecurity program.  

Trust Builder includes:

Your compliance score distribution – Share your CIS 20 assessment results at any time with stakeholders and customers!

Your security controls – This section of the Trust Builder allows you to share your compliance status and security roadmap with customers and stakeholders. It includes your journey to compliance with solutions that map to the CIS controls.  If you have reached an “A” score, the solution you have that maps to the control will automatically appear under the compliant section. If you are still in progress on a control, the solution mapped to the control will show on your roadmap.  Your audience will feel confident about your security program when they have transparency and see that you are constantly working on strengthening your security posture.

Your cybersecurity policies – Cyvatar’s vCISO solution comes with eight custom cybersecurity policies to help your entire company adopt smart security practices. These policy summaries will show in your Trust Builder, allowing you to share them with stakeholders so they can feel confident that your company adopts policies to stay secure.

Editing and Download

Trust Builder summary customization: Since your Trust Builder is customized to your business needs, you can edit its contents at any time! Once the content is true to your cybersecurity program, you can download it as a PDF and share it with your organization and key stakeholders.

New Tool: Policy Manager

Many startups and small- to-medium-size businesses don’t focus on cybersecurity early in their lifecycle because they don’t think it’s a core business driver or they are unsure where to start, so they end up putting it off. The worst thing your business can do when it comes to cybersecurity is to put it off!

We advise businesses to just start somewhere, which is often with policy creation. Many startups are gravitating to Cyvatar’s freemium membership because it includes three free cybersecurity policies. If a business is scaling fast and needs more, they can subscribe to our vCISO solution and receive five additional policies.

Below are core policies that all businesses should have for their cybersecurity program:

Acceptable Use Policy

Acceptable Use Policy:

*included in freemium
Defines and outlines the acceptable use of computing and network resources as well as other organizational assets.

Business Continuity and Disaster Recovery

Business Continuity and Disaster Recovery:

*Policy directive on business continuity activities, including disaster recovery planning for all the critical business processes.

Incident Management Policy

Incident Management Policy:

*Guidelines provided to manage security incidents that threaten the confidentiality, integrity, or availability of information assets.

Information Security Policy

Information Security Policy:

Direct the design, implementation, and management of an effective information security program.

IT Asset Management Policy

IT Asset Management Policy:

Maintain up-to-date inventory and asset controls to ensure that equipment locations and dispositions are understood.

Password Policy


Establish a standard for creation of strong passwords, the protection of those passwords, and the frequency of change.

Threat & Vulnerability Management (TVM) Policy

Threat & Vulnerability Management Policy:

Set baseline requirements to continuously identify and remediate vulnerabilities.

Vendor Management Policy

Vendor Management Policy:

Set guidelines to maintain the security of your organization’s information systems and data when you work with third party suppliers.

If you need help with policy creation, Cyvatar is here for you. Contact us to discuss further.
CySO is live in the Cyvatar platform and ready to manage your vCISO needs!

We are always working on enhancements to tools and features, so stay tuned for more.

See for yourself by getting started with Cyvatar Freemium. If you’re already a member, log in and let us know what you think. 

We Made It Easy and 100% Free to Get on the Cyvatar Platform 

Your Cyvatar membership gives you access to our comprehensive platform, transparency to all your managed and unmanaged issues, analytics to show how your cybersecurity efforts have paid off, and the ability to allow our Cydekicks to manage your ongoing cybersecurity needs. Cyvatar membership—including access to our amazing all-in-one platform—is 100% free to start.

CydeKick Results

What are you waiting for?

Circa Las Vegas

Thurs. Aug 5th

Cybersecurity Reunion Pool Party at BlackHat 2021