what do these engagements focus on?
First and foremost, the defense of your business from cyber attacks.
Some businesses already have an internal or external vendor-based IT/Security team and clients want their cyber defense strategy audited against best-practices. This is also a great hygiene choice for many.
For many small to mid-sized businesses, there might be no need for a full time Chief Information Security Officer (CISO), so the option of a temporary or longer-term virtual CISO is a great option.