In our experience, small and medium organisations do not always have the requirement for a full time CISO, but still require strategic leadership across the business to advise on risk and oversee governance and regulatory compliance in relation to information and cyber security.
A vCISO can optimise security plans and move from a tactical position to a more strategic one.