by John Verry | Oct 4, 2018 | ISMS Consulting
Recently I discussed a potential vCISO engagement with a mid-size restaurant chain (500+ locations). They asked about our experience with, and our thoughts on, “threat hunting.” Threat hunting is loosely defined as “proactive incident response”—actively looking for...
by Taylor Smith | Aug 10, 2018 | InfoSec Strategies
We tend to think of our world full of interconnected devices as fun and convenient. Why not monitor your toaster with a phone app—what could possibly go wrong? The downside, we now know, is that cybercriminals will quickly enlist these Internet of Things (IoT) devices...
by John Verry | Jul 23, 2018 | ISMS Consulting
Over the last few years I have noticed that clients often struggle to understand how to obtain maximum value at the minimum possible cost from a virtual Chief Information Security Officer (vCISO). I think part of that confusion is they view a vCISO as being the person...
by Chris Banta | Dec 13, 2017 | InfoSec Strategies
We see plenty of organizations that are compliant—but not secure. Yet rarely, if ever, do we find an organization to be secure but not in compliance. Cybersecurity regulators care about compliance, but hackers are opportunistic and the slightest risk can lead to a...
by Michael Gargiullo | Sep 13, 2017 | InfoSec Strategies
The recent HBO breach is now known to be much, much worse than the Sony content hack of 2014 or the more recent, financially motivated theft and premature release of Netflix’ Orange is the New Black episodes. Even more disturbing than the volume and value of...
