by John Verry | Dec 14, 2018 | ISMS Consulting
Aristotle once postulated “horror vacui” (nature abhors a vacuum). His idea was that empty or unfilled spaces are unnatural as they go against the laws of nature and physics. Interestingly, this applies to information security strategy as well. The Role of a Chief... by John Verry | Oct 4, 2018 | ISMS Consulting
Recently I discussed a potential vCISO engagement with a mid-size restaurant chain (500+ locations). They asked about our experience with, and our thoughts on, “threat hunting.” Threat hunting is loosely defined as “proactive incident response”—actively looking for... by John Verry | Oct 2, 2018 | ISMS Consulting
New data privacy regulations like GDPR and the California Consumer Protection Act of 2018 (CCPA) are forcing many organizations to factor privacy into their data security programs like never before. Do these new privacy mandates effectively merge the security and... by John Verry | Sep 27, 2018 | Government
With the EU’s GDPR now in force and California just enacting its Consumer Privacy Act (AB 375), the two-minute warning has sounded for US businesses that work with consumers’ personal data. You must move to implement privacy policies that align with these... by John Verry | Aug 16, 2018 | InfoSec Strategies
Entities registered with New York State’s Department of Financial Services (NYDFS) are subject to compliance with the 23 NYCRR 500 (aka “Part 500” or “NYDFS 500”) cybersecurity regulation, and a new deadline is fast approaching. Entities who must comply include: Bank...
