by Leigh Ronczka | Apr 24, 2018 | ISMS Consulting
The self-audit is the most basic form of cyber security audit. While it is no substitute for the impartiality and expertise of a professional auditor, a self-audit can add considerable value, particularly if you’ve never done any form of audit before. Audits vs....
by Bhaumik Shah | Jan 25, 2018 | InfoSec Strategies
These days many development teams have moved to DevOps or are moving in that direction. But how do you implement traditional security controls in this new DevSecOps world? A Note on Terminology: What is DevOps? DevOps refers to the integration of software Development...
by John Verry | Dec 5, 2017 | ISMS Consulting
Recently I had the interesting experience… chatting with a handful of potential Virtual Chief Information Security Officer (vCISO) clients over the last few weeks, each expressed they wanted to replace their current vCISO providers. Whenever we are asked to replace...
by Lou Romero | Sep 29, 2017 | Government
A few months ago, I blogged about eye-opening findings from a cyber loss control project I’ve been working on, which involves risk assessments of over 100 New Jersey municipal governments. Now largely completed, this work underscores why so many municipal governments...
by Jeremy Sporn | Jul 25, 2017 | Government
On July 10, Connecticut Governor Dannel Mallow officially announced the release of the Connecticut Cybersecurity Strategy. The most far-reaching of its kind put forth at the state level, this strategy document outlines how the state expects both public and private...
