12 November 2013
Complete security service provider, Orange Cyberdefense has today announced former Sainsbury’s security team leader, Mark Sprules has arrived to spearhead its in demand CISO-as-a-Service practice, and promote security awareness programmes in the mid-enterprise market. CISO-as-a-service was designed to assist mid-size enterprise businesses in developing and maintaining an Information Security Management System (ISMS), and Sprules will be responsible for the company’s existing base of clients in sectors such as retail, property, publishing and charity as well as the day-to-day assurance of its own CISO duties and ISO 27001 requirements. The practice, developed by head of compliance, Carl Shallow, has grown due to an increase in demand for services in this area and is another sign of a client shift towards a more service-orientated approach. Prior to Orange Cyberdefense, Sprules led a team of information security analysts at Sainsbury’s since 2008, and worked closely with business stakeholders for the risk assessment and compliance of newly selected 3rd parties and secure delivery of business solutions. With over 27 years’ experience, he will also provide strategic security and information risk assessment, guidance on threat detection, protection measures and response planning for security incidents. Multiple certifications in the ISO27000 series, which represent best practice standards for ISMS, will also see Sprules strengthen SecureData’s data handling specifications across the entire business.
“The demand for security expertise in the mid-enterprise market is rising sharply; businesses know they need specialist expertise but not necessarily for 100% of the time.” “But perhaps more poignantly, organisations are also beginning to realise that there isn’t always a technology solution to deal with security, and that introducing specialist third-party knowledge, experience and bandwidth is becoming increasingly necessary in the fight against cyber threats.” “Even in a part-time capacity, services like this will ensure smaller organisations are assessing risk, detecting threats, protecting valuable assets and responding to breaches far more efficiently.”
“Not every organisation can justify the expenditure of a full-time security specialist, and it is great to be joining a company like SecureData that recognises each company’s requirements are different.” “The CISO service is designed to be flexible and help organisations regardless of size and maturity, so depending on the existing culture it can help in different ways; company-wide security awareness programmes, feeding ideas in to senior management or providing routine compliance and framework consultancy for auditing – all of these fall under the CISO-as-a-service umbrella.”