PCI DSS, SOC2, vCISO, HIPAA, CIS Controls, Security Program

How much of your Information Security function can you safely outsource?

Outsourcing is now very common among technology companies. Sometimes a whole function is delegated externally such as accounting, HR, marketing. ...

Read More

PCI DSS, SOC2, CISO, vCISO, HIPAA, CIS Controls, Security Program

7 Advantages of using a "virtual CISO" (vCISO)

A growing trend in the world of Cyber Security is companies outsourcing of some or all of their Information Security teams. This can be just a ...

Read More

Security Program

How Do I Reset the Master Password?

During my time in enterprise-level support, I was often asked how to reset the master password on various devices after the existing password ...

Read More

Security Program

Controls are Needed on Recoveries from Backup

Some organizations completely ignore important aspects of the backup recovery and validation process. This creates a significant ongoing data ...

Read More

PCI DSS, Security Program

Secure Coding 201: Does it Exist?

I constantly hear that recent computer science graduates have not even been introduced to the notion of secure coding. They may have been taught ...

Read More

Security Program

What Time is It?

PCI DSS v3.2.1, section 10.4 requires all critical assets to be synchronized for time and recommends using one of the authoritative time sources ...

Read More