Services - Welcome to JFX LLC

Giusmod enim tempor incididunt aut labore et dolore magna aliua ruis nostrud exercitation ullamco laboris.

JFX CYBERSECURITY CONSULTING SERVICES

COMPANIES ARE UNDER ATTACK. News headlines warn about hijacked email, ransomware, and hacked databases,1 while regulators, laws and professional standards make it increasingly clear that businesses must protect their critical information and operations, with executives responsible for any breaches. The risks are real. Unfortunately, many organizations lack the expertise to implement an effective security program. In particular, many board members and senior executives lack familiarity with the key issues to supervise a security strategy. This paper presents several elements of information and cyber security, including how Chief Information Security Offi cers (CISOs) and virtual CISOs can provide advisory expertise to companies.

JFX activities provided as part of its virtual CISO services include:

●  Perform Risk, Control and / or Regulatory Assessments (e.g., NFA 9070, FINRA Small Firm) to help organizations understand the current coverage of their security program and to identify gaps and areas for improvement. This step can meet the regulatory requirement for an independent security assessment.

●  Evaluate and develop a cyber security strategy and program to support business priorities and risk goals. This includes helping review and write policies to formalize desired security controls

●  Assist executives, managers and staff with operational integration of information security controls. This includes establishing a Runbook and RACI of security activities and responsibilities.

●  Design monthly management reports to monitor security program effectiveness.

●  Design monthly management reports to monitor security program effectiveness.

●  Establish Third Party Risk Management oversight to review, document and monitor vendor security controls.

●  Review, develop, and test security Incident Response Plans.

●  Review and assist with audit, regulatory, insurance, and client risk assessments.

●  Work with specialized security vendors, e.g., for SOC monitoring, penetration testing, software vulnerability testing and security awareness training.

●  Provide ongoing guidance based on cyber security best practices.

Email info@jfxllc.com  to learn how JFX can strengthen your cyber security.

JFX Services and Pricing 2024

JFX projects focus on meeting the business and security needs of each client. The price range reflects the time,expertise and scope usually needed to provide these services.

While JFX primarily provides virtual CISO advisory services, we also perform stand-alone projects for clients. Prices for the below services and projects reflect the time, expertise and scope usually needed to deliver these to our clients, although we can offer lower rates for pre-revenue startups and nonprofits.

Monthly Virtual CISO Services

$6,000 to $15,000 / month

This ongoing work covers an average of 1 day to 2 ½ days a week of leadership and support by a 10 to 20+ year security professional to develop a firmwide cyber security program. From assessment to strategy and roadmap, and implementation to monitoring your security effectiveness.

Cyber Risk Assessment

$6,000 to $11,000 / month

Perform a general cyber risk assessment, often using the NIST CSF or CIS-18 framework. Other frameworks available.

Vendor (Third Party) Risk Review

$3,000 to $8,000

Annual project to review appropriateness of security certifications or controls of a client’s own vendors. Initial focus is on vendors providing critical services and access to critical systems or confidential data.

Incident Response Plan, Table Top Exercise

$15,000 to $30,000

As a project, review or draft an Incident Response Plan and perform a “Table Top Exercise” to test the plan and the Incident Response Team in an event scenario.

NFA 9070 Annual Review

$3,000 to $6,000

For NFA regulated firms, perform a review and statement of the appropriateness of the firm’s Information Systems Security Program (ISSP). Click here for a 9070 self-assessment.

Quick Requests

$350 to $400 / hour

For quick requests for assistance not covered within a project or a virtual CISO relationship, JFX often can provide support on an hourly basis. Common requests include assistance responding to a client security survey, review of a security policy, or advice for a Board meeting.

Business focused cybersecurity consulting from JFX, LLC

About Us