#COBIT

top of page

Policy, Procedure, or Plan

Policy, Procedure, or Plan

Some standards like PCI and NIST require policies that cover specific topics. Sometimes you will see a requirement for a policy and...

IT Governance & IT Management

IT Governance & IT Management

Many practitioners use these terms governance and management synonymously. While there is some overlap in practice, there are key...

Cybersecurity Policies Made Easy

Cybersecurity Policies Made Easy

People often ask for advice regarding information security or cybersecurity policies. For the remainder of this article, I will use...

Does Security Awareness Work?

Does Security Awareness Work?

According to the Verizon 2018 Data Breach Report, 93% of data breaches are linked to phishing or social engineering. With stats like...

Featured Posts

Annual Cyber Reports

Annual Cyber Reports

Reporting to Council: Why Local Governments Should Use the NIST Cybersecurity Framework

Reporting to Council: Why Local Governments Should Use the NIST Cybersecurity Framework

Webinar: The Board or Council's Role in Cyber Risk Management

Webinar: The Board or Council's Role in Cyber Risk Management

Why Cybersecurity Needs to be Separated from IT in Local Governments

Why Cybersecurity Needs to be Separated from IT in Local Governments

The Crucial Role of CISOs in Local Governments: Ensuring Good Governance and Cybersecurity

The Crucial Role of CISOs in Local Governments: Ensuring Good Governance and Cybersecurity

Does Security Awareness Work?

Does Security Awareness Work?

The Visible Ops Handbook

The Visible Ops Handbook

Cybersecurity Takes Teamwork

Cybersecurity Takes Teamwork

What you need to know about ransomware

What you need to know about ransomware

Notes on Ransomware

Notes on Ransomware

Posts by Category

Follow Me

bottom of page