Consulting & IT Service Solutions in DFW, Throughout Texas and Colorado

CISO Advisory

Every day, there is another headline of an organization hit with a cyberattack or data breach. It doesn’t matter if you are a large company, small company, or a school system. Anyone can be a victim. 


The CISO plays a critical role in protecting the organization's sensitive information, ensuring the confidentiality, integrity, and availability of data, and managing risks related to cybersecurity. 


Flair Data Systems has a team of “vCISOs” or Virtual Chief Information Security Officers who have been in their position for a decade. They have built security programs, developed policies, plans and documentation, and dealt with cyber-attacks and data breaches. They came to Flair to help other companies put defenses in place and help answer the CEO’s question of “Are we secure?” and, “What is our biggest risk with cybersecurity?” Not only do they understand cybersecurity controls and technology, but they can also speak to the C-suite about cyber risk to the business. 


Many customers are now facing compliance requirements to win contracts or stay in business. Our CISOs have had experience in compliance and make sure the right cybersecurity controls are in place. They already have policies, plans, and other documentation ready, so you do not have to spend time developing it. 

They have also led multiple organizations through their “worst day” with a cyberattack or data breach. They can help coordinate the response and recovery to help the company stay in business. Flair Data’s on staff CISO’s, Jessica Nemmers and Brent Forrest, can step in to provide cybersecurity guidance as a vCISO. Book a free 30 minute consultation with one of our CISO’s by filling out the form below.

Jessica Nemmers, Field CISO 

Jessica Nemmers is a Field Chief Information Security Officer (CISO) with Flair Data Systems. In her role, Jessica acts as an advisor to organizations providing guidance on all aspects of cybersecurity, from developing strategies for protection and resiliency to implementing controls to meet compliance requirements. With over 25 years in the IT industry, Jessica’s passion for security began while working in datacenter operations at Perot Systems (now NTT Data). She later became the first CISO at Commercial Metals Company (CMC) where she built a cybersecurity program from the ground up. She became a Chief Security Officer in the financial industry at Elevate Credit.

Jessica Nemmers, Field CISO 

Brent Forrest, Field CISO 

Brent Forrest is a Field CISO with Flair Data Systems. In this role, Brents acts as an advisor to customers that span across different verticals providing guidance to include; developing strategies to reduce risk with existing or innovative technology while enabling the business. With over 20 years of experience in the IT industry, Brent has been able to be a part of multiple groups within the IT field spanning from Telecom, Network, Wireless, Infrastructure, and eventually finding his passion within Security. Roughly 20 years of that time was spent within the Oil and Gas industry working across multiple teams and leading initiatives. Specifically with EnLink Midstream, he spent the majority of his time building resilience and developing the cybersecurity program from the ground up. 

Brent has been with Flair Data for 3 years and is CISSP, C|CISO, CvCISO, & Sec+ certified. In his free time, he likes to spend time with family, working out, or staying up with personal development. 


He lives in Dallas, Texas with his wife and children.

Compliance

Cybersecurity compliance means adhering to standards and regulatory requirements set forth by a government agency, law or authority group. Organizations must achieve compliance by establishing risk-based controls that protect the confidentiality, integrity, and availability (CIA) of information. The information and organization houses must be protected, whether stored, processed, integrated, or transferred.



Compliance is vital to limit and organizations risk. Here are some types of data subjected to Cybersecurity compliance: 

Financial Information

The most common set of regulations are found in the Federal Financial Institution Examination Council handbook (FFIEC IT)


  • Credit card numbers, expiration dates and card verification values (CVV)
  • Bank account information
  • Debit or credit card personal identification numbers (PINs)
  • Credit history or credit ratings

Protected Health Information (PHI)

The Health Insurance Portability and Accountability Act (HIPAA) is perhaps the most well-known cybersecurity regulation because it impacts everyone.


  • Medical history
  • Insurance records
  • Appointment history
  • Prescription records
  • Hospital admission records

Government

Federal regulations are continually changing. Federal Information Security Management Act (FISMA), FIPS, and NIST guidelines are closely related and require updated company policies to manage data compliance.

Publicly Traded Companies

The Securities and Exchange Commission (SEC) has implemented new rules regarding cybersecurity disclosure for publicly traded companies. Starting on December 15, 2023, companies must disclose risks in their annual reports.

Flair Data Systems Offers Services Around Compliance:

  • Cybersecurity controls and compliance program assessment
  • Cyberattack and data breach risk management
  • Security and Compliance program design and strategy
  • Cybersecurity Technology Solutions: implementation and configuration
  • Third Party Risk Management
  • Cyber incident response planning and tabletop exercises
  • Cyber Incident Response Support
  • Vulnerability Assessments
  • Security Awareness training
  • Business Continuity and Disaster Recovery Planning
  • Executive/Board metrics design and presentations

The vCISO team has partnered with best-in-class organizations to provide our customers the highest level of protection and business resiliency through:



  • Penetration Testing Services
  • Managed Security Service Provider (MSSP) and Managed Detection and Response (MDR) services
  • Digital Forensics and Incident Response (DFIR) Providers
  • Cyber Insurance Providers


Interested in speaking with our CISO’s? Fill out our form and we will contact you shortly.

Assessments

A cybersecurity assessment, or cybersecurity risk assessment, analyzes your organization’s cybersecurity controls and their ability to remediate vulnerabilities. This assessment requires an organization to determine its key business objectives and identify the information technology assets essential to realizing them.


Ask yourself these questions:

• Do I know where my data is located?

• What is the likelihood of a cyber-attack happening?

• What impact would a data breech have on my business?


If you do not know the answers, we can help.

Our CISO Experts Can Help You:

• Scope a RISK Assessment

• Identify Cyber risks

• Identify threats

• Compile cyber scenarios

• Analyze, Prioritize, and Document risk


A cybersecurity risk assessment is a complicated and ongoing task, so time and resources need to be made available if it is going to improve the future security of the organization. We can help by providing a repeatable process and template for future assessments, to reduce the time and effort required. Let us know how we can assist you!


Interested in speaking with our CISO’s? Fill out the form and we will contact you shortly. 

Contact Us

Call Flair Data Systems in Plano, TX at 214-445-3500 to schedule a consultation.

Share by: