Virtual CISO Services — Vancouver, BC

Enterprise security. Without the enterprise cost.

Your organization faces real cyber risk. A full-time CISO costs $180,000+ a year. Blackswan CISO gives you the security leadership you need — at a fraction of that price.

Why SMBs choose virtual CISO
83% of SMBs lack a dedicated security leader
Yet regulators, insurers, and enterprise customers increasingly require evidence of a formal security program.

$4.5K starting monthly retainer
vs. $180,000–$220,000 annually for a full-time hire. Same expertise. No benefits, no equity, no hiring risk.

1 wk to get started
Sign up, and your first advisory session is booked within days — not months.

The problem

You know you need security leadership. Hiring isn't the answer.

Most 50–500 person companies are caught between "we need this" and "we can't justify the headcount."

Cyber insurance is demanding more

Insurers now require documented security programs, incident response plans, and risk registers before renewal. "We have an IT guy" doesn't cut it.

Enterprise customers are asking harder questions

Security questionnaires, vendor assessments, and SOC 2 requirements are now standard in any B2B sales process. Every unanswered question costs you the deal.

One breach changes everything

The average cost of a data breach for a Canadian SMB exceeds $4M. Ransomware recovery alone can take months. A proactive program is cheaper than the alternative.

Security leadership that scales with your needs — helping you prepare for Blackswan events

Foundation
Blackswan Security Leadership Sprint
Starting from $4,500

  • Focused 3–4 week engagement
  • Leadership interviews
  • Current-state security assessment (CSF-aligned)
  • Top 10 prioritized risk register
  • 90-day security roadmap
  • Policy coverage assessment
  • Incident response readiness review
  • Questionnaire readiness assessment
  • Two working sessions (findings + roadmap)
Enterprise
Specialized Engagements
Scoped Per Engagement

  • For organizations requiring deeper implementation or compliance execution
  • SOC 2 readiness and preparation
  • PCI DSS preparation
  • Policy development and documentation
  • Preparation and completion of security questionnaires for customer and vendor assessments
  • Security program implementation and build-out
  • Pen test coordination

The smarter way to run a security program

01

Transparent and portable security program

Your deliverables are yours from day one. No vendor lock-in, no black box. If you ever part ways, you walk away with a structured security roadmap, risk register, and governance foundation that can evolve with your business.

02

Frameworks built in, not bolted on

Security programs aligned to recognized frameworks such as NIST CSF, SOC 2, and PCI DSS.

03

Real-world security leadership

Security leadership grounded in real-world program experience, not generic compliance advice.

04

Your program grows as your business does

Your security program evolves as your business grows, from initial risk visibility to structured governance and compliance readiness.

|                     | Full-Time CISO           | Blackswan vCISO |
|---------------------|--------------------------|-----------------|
| Annual cost         | $180K–$220K + benefits   | From $54K/yr |
| Time to start       | 3–6 months to hire       | Within 1 week |
| Framework expertise | Varies by candidate      | SOC 2, NIST CSF, PCI-DSS |
| Flexibility         | Fixed headcount          | Flexible engagement model that adapts to your needs |
| Termination risk    | Severance, notice period | Flexible engagement terms compared to full-time hiring |
| Data ownership      | Employment dependent     | Clear ownership and access to your security documentation and program artifacts |

Up and running in weeks, not months

Step 01

Free discovery call

30 minutes. We talk about your current security posture, compliance needs, and what keeps you up at night. No pitch, just conversation.

Step 02

Proposal & agreement

I send a tailored proposal within 48 hours. Review and sign, and we address any of your questions.

Step 03

Onboarding & gap analysis

Kickoff call. I send an intake questionnaire beforehand so we hit the ground running. Initial gap analysis delivered within the first few weeks.

Step 04

Ongoing program delivery

Ongoing advisory and program guidance. Monthly sessions, continuous risk tracking, and structured security program evolution.

Frameworks & standards covered

SOC 2 Type II
NIST CSF
PCI-DSS
CIS Controls
Based in
Vancouver, BC, Canada
Serving clients throughout Canada

Warren Mok
vCISO

I've spent the last 10 years overseeing Cyber Security and IT in private and public sector environments, building security programs, managing risk, and helping teams navigate compliance frameworks from the inside.

I started Blackswan CISO because I kept meeting founders and operations leaders who knew they needed security leadership but couldn't justify a full-time hire. That gap is exactly what this practice is designed to fill.

Certification — CISSP / CISM / CISA
10 years in cybersecurity
Experience in public and private industries
Extensive hands-on experience leading SOC 2 Type II and PCI-DSS compliance programs, and NIST CSF-centered cybersecurity programs
Based in Vancouver — Serving clients throughout Canada

Ready to build a real security program?

Book a free 30-minute discovery call. No commitment, no pitch deck — just an honest conversation about where you are and what you need.

Book your free call

Get in touch

Location

Vancouver, BC — serving clients throughout Canada