In this video for Help Net Security, Jeff Hoskins, vCISO at BARR Advisory, explains the concept of a vCISO, which stands for virtual chief information security officer, and describes the services that a vCISO might provide.
A vCISO is an outside consultant that comes in when a company needs help. The virtual part gives clients a few advantages. First, a vCISO can be less expensive than a full-time CISO. Second, it offers specialization in security. Third, it specializes in specific annual activities like a SOC2 audit, an ISO audit, a vendor assessment, etc.