by John Verry | Apr 15, 2019 | Third Party Risk Management
Editor’s Note: This post was originally published in June 2013. It has been updated to reflect the name change from AUP to SCA. It seems that when most people hear “Shared Assessments” they immediately think of Vendor Risk Management. While that thought process is...

by John Verry | Feb 19, 2019 | Security Awareness Training
Lots of companies offer good Security Awareness Training, including KnowBe4, Wombat, eLearning, MediaPro, SANS, and Pivot Point Security (I saved the best for last :>)). They all offer important modules that you should include in your training (phishing, social...

by John Verry | Feb 13, 2019 | InfoSec Strategies
Einstein once said, “The more I learn, the more I realize how much I don’t know.” Unfortunately, I have come to that realization not just once, but about 758 times. As I was reviewing/tuning our company’s Risk Assessment in preparation for our ISO 27001...

by John Verry | Feb 4, 2019 | ISMS Consulting
Okay, that was harsh… But anyone who has had the “pleasure” of explaining the “simple complexity” of the NIST Cybersecurity Framework to management or other non-technical folks understands how challenging it can be. As the Virtual CISO for several organizations that...

by John Verry | Dec 20, 2018 | Third Party Risk Management
Sometimes TPRM is more art than science. As a big fan of the TV show “Community” I had to take a peek at the animated show “Rick and Morty” when I learned that Dan Harmon, the creator of Community, was its co-creator. As oddness would have it, the first show I watched...