by John Verry | Sep 1, 2021 | Cybersecurity Maturity Model Certification (CMMC)
Reading Time: 2 minutes
Like a Kardashian, CMMC (and NIST 800-171) get all the press, while DFARS lives far out of the limelight. Like the Kardashians, paying too much attention to the glitz instead of spending more time on the substance is a waste of...
by John Verry | Aug 9, 2021 | InfoSec Strategies
Reading Time: 4 minutes
News flash for those who have been asleep for the last few years—there are a lot of security issues in IoT. When an issue rises to the level where it is a key component of a Presidential Executive Order, it’s pretty mainstream. Yet,...
by John Verry | May 19, 2021 | InfoSec Strategies
Reading Time: 2 minutes
In speaking with a client this week about the Colonial Pipeline Attack I referred back to the Maersk attack as they both illustrate the interconnected nature of critical suppliers. What is particularly concerning to me is how we are...
by John Verry | May 18, 2021 | ISMS Consulting
Reading Time: 4 minutes
Part of my day job is acting as Pivot Point Security’s CISO. In that role, I have participated in our ISO 27001 ISMS Internal Audit and our Registrar’s Surveillance Audit over the last two weeks. In the initial meeting, I always say...
by John Verry | May 17, 2021 | InfoSec Strategies
Reading Time: 3 minutes
To a harried CTO who is tasked with dealing with security issues at the expense of his cloud migration efforts, a vCISO to make some of that work/pain go away sounds like the answer to a prayer. But is the vCISO an expensive luxury...
