Driving Security Initiatives So You Don't Have To

What should I learn to provide a strong foundation for my Cyber Security career?

What should I learn to provide a strong foundation for my Cyber Security career?

What should I learn to provide a strong foundation for my Cyber Security career?  While “Cyber Security” is often considered a specific focus within IT, the connotations underlying this term are very broad and not always technology focused. Information is the key – and securing that information takes strong practices in Confidentiality, Integrity, and Availability.  An individualRead more about What should I learn to provide a strong foundation for my Cyber Security career?[…]

Risk Assessments vs. Security Assessments

Risk Assessments vs. Security Assessments

Risk Assessments vs. Security Assessments  We’ve already established the importance of assessments in a previous article: (Audits vs Assessments and Why They Aren’t The Same Thing).  A recap of which is – assessments are used to help an entity mature.    We’ve also established that the role of a CISO is to focus on Risk to Information resources: (What isRead more about Risk Assessments vs. Security Assessments[…]

Audits VS Assessments And Why They Are Not The Same Thing

Audits VS Assessments And Why They Are Not The Same Thing

Audits vs. Assessments & why they’re not the same thing  It’s much easier to mitigate a risk when you know the risk exists.  Using the analogy of a snake in the grass, people don’t go running off into the woods by a creek without surveying the ground at their feet.  Likewise, maintaining a blindness to risk is aRead more about Audits VS Assessments And Why They Are Not The Same Thing[…]

Security Awareness Training

Security Awareness Training

Security Awareness Training Program Awareness of Security concepts at all levels of the organization is imperative in today’s world.  Because of that, a Security Awareness & Training Program is one of the most impactful components of an operating Security Program.  Whether the individual is an end user, a system administrator, or the C-Level Security Representative,Read more about Security Awareness Training[…]