Recommendations

 

Cybersecurity Program Design and Support

“I have been a customer of Gideon’s for several years and have developed a close business relationship with him.

Gideon has supported me with many initiatives:

  • Risk assessments, risk management and program development
  • Strategy and consulting on cloud services and vendors
  • Documentation assistance on policies and legal contract language used for business partners that access our data

    Gideon has been fantastic to work with. He often goes above and beyond my expectations. I will continue to contract with him to assist me with various projects going forward.

    Gideon is an extremely talented professional and his services have been very valuable to myself and my organization. He has helped to mature my program and provided valuable guidance on many security projects and initiatives."

    - Chief Information Security Officer

    Cybersecurity Tabletop Exercises (TTX)

    "When you work with Gideon you can quickly glean his subject matter expertise and outright professionalism. I have worked with Gideon on several projects over the years, and none short of successful. One in particular that stuck out was his insights while he created a from-scratch tabletop exercise tailored to a previous organization I worked for. His attention to detail made it very easy to pick up and run with several cross-functional teams. Ask Gideon for anything, you will not be disappointed!"
    - Information Security Executive at a Managed Hybrid Cloud provider

    Cybersecurity Program Assessments

    "We contracted Virtual CSO to perform a risk assessment against our company, leveraging the NIST Cyber Security Framework. We do not map our internal security program to NIST CSF, so it gave us a good alternate view of the risk our company faces. Virtual CSO performed the assessment without prior knowledge of our company and were able to provide a very in depth report. This has helped our company get a stronger handle on residual risk that remains after our compliance requirements. This has strengthened our risk register and helped us craft a multi-generational plan to drive down risk throughout the company."
    - IT Security Manager at a company in the Aerospace and Defense field

    "We have leveraged Gideon's assessment services over several years. He has conducted two cybersecurity program assessments, a department assessment and an assessment of critical processes. Each assessment was thoroughly customized to our organization. Gideon's reports and presentations resonate with executive leadership, resulting in resource allocation and proactive risk mitigation. Gideon has been fantastic to work with. He often goes above and beyond my expectations."
    - Chief Information Security Officer at a Government Organization

    Business Risk Assessments

    "I had the pleasure to work with Gideon recently and I am impressed with his professionalism and attention to details. With his knowledge and expertise in cybersecurity, he was able to guide our staff and help them complete a risk assessment of their processes effectively and provide meaningful recommendations. Gideon was timely with his deliverables and conscious about our business needs."

    Security Operations Center (SOC) Assessment

    "We were considering a SOC service provider and engaged Virtual CSO to conduct due diligence. The SOC provided a current ISO 27001 certificate at the beginning of the assessment. Virtual CSO identified significant issues with the SOC's processes and technology. We did not move forward with that service. Crisis averted."

    Security Awareness Program Assessment

    "We contracted Gideon to perform an in-depth, independent assessment of our information security awareness program, which includes training, phishing exercises and cyber exercises. Gideon leveraged the NIST Cyber Security Framework and the Homeland Security Exercise and Evaluation Program (HSEEP) guidance to assess the programs. Gideon’s detailed, in-depth and comprehensive report has empowered our program to successfully challenge existing roadblocks and tackle several low-effort, but high-reward improvements. Gideon is personable and very experienced; he has been wonderful to work with and enriched our programs through his efforts. I highly recommend his work.”
    - Security Awareness Manager at a Financial Institution

    "We engaged Virtual CSO to review our security awareness program and provide an assessment for areas of improvement. Virtual CSO delivered a comprehensive analysis based on a combination of experience, NIST standards interpretation and research. We were very pleased with the outcome as it provides a roadmap of future enhancements that will ensure our awareness program remains an excellent offering and continues to protect our organization."

    Penetration Test Program Assessment

    "Our company engaged Gideon to perform an assessment of our penetration testing program to identify any areas of deficiency or room for improvement. Gideon performed an excellent review of our processes and procedures and offered educated and strategic recommendations to assist in improving an already mature environment. Based on his years of experience and insight, he's able to assess an environment from a security perspective and offer guidance for perfecting programs and taking them to the next level. He's more than capable of looking at the big picture while also understanding the unique components that make up each aspect of a sound security program and make recommendations for perfecting underlying processes."

    Agile Security Testing Assessment

    "We engaged Gideon to perform an assessment of our penetration testing program. After a thorough review, he was able to make recommendations that would further assist in an already mature program. His knowledge and years associated within the security industry provide for him to see the “big picture” and provide guidance and assistance in getting to the ultimate goal."

    Paid Speaking Engagements

    "Gideon joined us as a keynote speaker for a cybersecurity event based in Austin, Texas, sharing insights on the topic "Cybersecurity Team Development and Retention." He was excellent to work with throughout the whole process, from preparing talking points, to promoting the event actively with his network, to excellent delivery on stage. The audience enjoyed the talk and engaged with Gideon through an active Q&A -- one attendee even remarked to event organizers: "We rarely get content on how to become a manager in security, or how to best support your team and also advocate for yourself. This was just as helpful as the technical topics we typically get at conferences -- if not more." With feedback like that, we would recommend Gideon as a partner for any paid speaker engagement!"

    "Gideon provided a paid security speaking engagement for a business unit of our company and was very comprehensive. He provided all content and resources and was extremely well prepared. He even went so far as to arrange several calls ahead of the presentation with myself (security professional) and the group head to ensure that the content of the presentation was well tailored for our group. Gideon's presentation was very well received by the team to which he spoke. He got our business people thinking about security and kept them engaged for the duration of the talk."
     
    •