Adwisery experts have started providing Chief Information Security Officer (CISO) services to an organisation in the higher education sector, strengthening its information security management and regulatory compliance

During the project, the following will be performed:

• The assessment of the importance of the managed state information assets and the preparation of the importance assessment report;
• The preparation of the drafts of the Network and Information Systems Cybersecurity Policy and the procedures implementing it;
• The submission of information on the approved Client’s NIS cybersecurity policy and the implementing procedures to the Cybersecurity Subjects Information System administered by the NCSC, in accordance with the requirements and deadlines set out in the legislation;
• The preparation of the required plans, including the Cybersecurity Governance Monitoring Plan, the NIS Business Continuity Management Plan, and other related plans;
• The annual assessment of the Client’s compliance with the requirements of the Law on Cybersecurity of the Republic of Lithuania, its implementing legislation, and the Client’s NIS cybersecurity policy and implementing procedures;
• The annual cybersecurity risk assessment;
• Support to the Client in preparing for and conducting the annual NIS business continuity management plan exercise;
• The organisation and delivery of annual cybersecurity training and preparation of the training report;
• Assistance to the Client in procuring network and information system vulnerability scanning (technological vulnerability assessment and penetration testing) services and providing consultations during their implementation;
• The coordination of the Client’s information and cybersecurity incident management;
• Consultations to the Client’s management and responsible employees on the implementation of measures set out in the nonconformity remediation plan and the risk management action plan, as well as on other information and cybersecurity management matters.

Pusrpose:

• To ensure proper management of cybersecurity and compliance with the requirements of the Law on Cyber Security of the Republic of Lithuania and its implementing secondary legislation.

Benefits:

• The Client will comply with the requirements of the Law on Cyber Security of the Republic of Lithuania and its secondary legislation, ensure adequate protection of information and technological infrastructure, reduce the risk of cybersecurity incidents, and strengthen the organization’s reliability and resilience.

Estimated duration of initial service:

Services description links:

• Preparation for Directive (EU) 2022/2555 (NIS 2) of the European Parliament and the Council services
• Services of Chief Information Security and Cyber Security Officer