by John Verry | Feb 19, 2019 | Security Awareness Training
Lots of companies offer good Security Awareness Training, including KnowBe4, Wombat, eLearning, MediaPro, SANS, and Pivot Point Security (I saved the best for last :>)). They all offer important modules that you should include in your training (phishing, social... by John Verry | Feb 13, 2019 | InfoSec Strategies
Einstein once said, “The more I learn, the more I realize how much I don’t know.” Unfortunately, I have come to that realization not just once, but about 758 times. As I was reviewing/tuning our company’s Risk Assessment in preparation for our ISO 27001... by John Verry | Feb 4, 2019 | ISMS Consulting
Okay, that was harsh… But anyone who has had the “pleasure” of explaining the “simple complexity” of the NIST Cybersecurity Framework to management or other non-technical folks understands how challenging it can be. As the Virtual CISO for several organizations that... by John Verry | Dec 20, 2018 | Third Party Risk Management
Sometimes TPRM is more art than science. As a big fan of the TV show “Community” I had to take a peek at the animated show “Rick and Morty” when I learned that Dan Harmon, the creator of Community, was its co-creator. As oddness would have it, the first show I watched... by John Verry | Dec 14, 2018 | ISMS Consulting
Aristotle once postulated “horror vacui” (nature abhors a vacuum). His idea was that empty or unfilled spaces are unnatural as they go against the laws of nature and physics. Interestingly, this applies to information security strategy as well. The Role of a Chief...
