by Lou Romero | Oct 17, 2017 | InfoSec Strategies
In my recent cyber security work with municipalities, I gained an appreciation for the information security challenges K-12 public school systems face. Because they manage troves of personal, health, financial and academic data, every school district is a target for...
by Michael Gargiullo | Sep 13, 2017 | InfoSec Strategies
The recent HBO breach is now known to be much, much worse than the Sony content hack of 2014 or the more recent, financially motivated theft and premature release of Netflix’ Orange is the New Black episodes. Even more disturbing than the volume and value of...
by Chris Dorr | Aug 25, 2017 | Third Party Risk Management
An interesting and potentially troubling event happened in the information security world on Wednesday, August 16, 2017. It wasn’t a major hacking attack or a massive data breach. It wasn’t the release of a new security tool, or the failure of a critical...
by Chris Dorr | Jan 3, 2017 | Third Party Risk Management
The similarities between corporate risk management and pilots might surprise you. Pilots are risk managers. We have to be. In fact, risk management is one of the topics that the FAA requires instructors to teach student pilots during their training. And our risk...
by John Verry | Dec 8, 2016 | ISO 27001 Certification
Sitting through Stage 1 of an ISO 27001 certification audit for the first time can feel pretty daunting—even for a seasoned information security professional. Stage 1 is unusual in that focuses on the operation of the Information Security Management System (ISMS), not...
