by John Verry | Feb 13, 2019 | InfoSec Strategies
Einstein once said, “The more I learn, the more I realize how much I don’t know.” Unfortunately, I have come to that realization not just once, but about 758 times. As I was reviewing/tuning our company’s Risk Assessment in preparation for our ISO 27001... by Alex Fugairon | Jan 26, 2017 | InfoSec Risk Assessment
The “Goldilocks and the Three Bears” Approach I’m sure most people are familiar with the children’s tale of “Goldilocks and the Three Bears.” What does that have to do with security risk assessments? I’ve found that when it comes to assessing information... by Chris Banta | Dec 22, 2016 | Business Continuity Management
In all my years as both an information security manager and a senior-level security advisor, one of the top questions that I have routinely been asked is: “How do I manage risk effectively?” The answer to this question comes down to risk tolerance. What is Risk? On... by John Verry | Dec 8, 2016 | ISO 27001 Certification
Sitting through Stage 1 of an ISO 27001 certification audit for the first time can feel pretty daunting—even for a seasoned information security professional. Stage 1 is unusual in that focuses on the operation of the Information Security Management System (ISMS), not... by John Verry | Nov 23, 2016 | Business Continuity Management, Disaster Recovery
I recently spoke at the NJ-GMIS Cyber Security Briefing at New Jersey’s Regional Operations and Intelligence Center (ROIC) on approaches to reducing risk in municipal governments via third-party assessment. The presentation ended up getting very interesting when we...
