by John Verry | Sep 25, 2019 | InfoSec Strategies
Reading Time: 3 minutes
A healthy level of skepticism seems to be an occupational hazard of working in information security. Hence, my hopes were not all that high when I recently sat down with a Boulevardier and the new ISO 27701 standard (“Security... by Andrew Farkas | Jul 2, 2019 | ISMS Consulting
Reading Time: 2 minutes
On many engagements, part of my role is helping clients see their initial information security objective in the context of a bigger security picture. For example, a new client just came to us having inadequately addressed a... by Kevin Hermosura | Apr 11, 2019 | Third Party Risk Management
Reading Time: 3 minutes
Recently I came across this blog post, which raises concerns that Amazon Web Services (AWS), a major player in many government cloud contracts worldwide—including the US Department of Defense—may be outsourcing security services to a... by Kevin Hermosura | Apr 5, 2019 | Third Party Risk Management
Reading Time: 3 minutes
When it comes to vendor risk management questionnaires, less can definitely be more. In this post, I’ll share three value-add tips on why and how to streamline your vendor review process and reduce the length of your questionnaires... by John Verry | Feb 13, 2019 | InfoSec Strategies
Reading Time: 3 minutes
Einstein once said, “The more I learn, the more I realize how much I don’t know.” Unfortunately, I have come to that realization not just once, but about 758 times. As I was reviewing/tuning our company’s Risk Assessment in...
