Fractional CISO Blog
Our team helps business leaders manage risk and grow their companies by providing tailored cybersecurity programs. We assess your organization, craft a plan tailored specifically to your organization's needs, and help you execute it to meet your compliance and risk tolerance goals.
1y ago
Even a choose-your-own-adventure book has a certain structure to it. Sure, you might be making your own way through the book, but there are still plot points, challenges, and decisions the author will include along every path. SOC 2, being the choose-your-own-adventure cybersecurity compliance standard, is similar in this regard. An organization pursuing a SOC ...
1y ago
Imagine being sixteen years old, gassing up your mother's old Chevy Cavalier and seeing a sleek smurf-blue roadster zip past the gas station. Time stops. You immediately fall in love with it. Time starts again, and you disappointedly climb into your mom’s clunker and sullenly drive yourself home. You spend the next twenty years thinking ...
1y ago
I never knew what a danger soccer moms’ purses were. That is, until I attended my very first professional soccer game at Gillette Stadium. A friend of ours invited a few families to join them to watch the game. Until a few hours before arrival I could not have confidently named the home team. It’s ...
1y ago
Do you really know what’s in open source code? Do you want to? Because face the facts: your organization is making use of open source code right now – and you probably have no idea what’s in it, how recently it has been updated, or even if you’re allowed to use the code in your ...
1y ago
Good news: Date nights are back on! That’s correct … Mrs. Black and I headed out to an event a couple of weeks ago, doing our best to pick up where the pandemic found us back in early 2020. Of course, our babysitter bullpen has been depleted over the past two-plus years. Some are now ...
2y ago
You wanted to be a developer. You spent four years and thousands of dollars in school and managed to get your foot into industry. You spent a few years working a couple different gigs only to realize – this job just isn’t for you. Do you find working in a dark room with no windows ...
2y ago
Nobody really wants to do their homework. Which is unfortunate, because homework plays an important role in helping to absorb, retain, and learn to use the information someone is studying. In the security and compliance world, writing documentation is the homework. It helps employees standardize the right policies and procedures to successfully reduce risk and ...
2y ago
Cyber insurance, like all insurance, is all about the fine print. In 2017, G&G Oil Company purchased a commercial insurance policy that, while not a full-fledged cyber insurance policy, did include coverage for losses “resulting directly from the use of a computer.” They were hit with a ransomware attack later that year and had to ...
2y ago
You may assume that I am a fully functioning human. I assure you, you are mistaken. There are certain things – things that most people are quite capable of – that I am dazzlingly terrible at. I cannot sing. Literally. Once, when I joined in on “happy birthday” at my then four-year-old daughter’s party, two ...
2y ago
Picture it: As a part of your new job running a corporate SOC 2 compliance program, you’ve started the arduous process of reviewing old documentation. Most of it is in pretty good shape…until you come across the Business Continuity/Disaster Recovery (BC/DR) Plan. While your company’s name is all over it, the instructions for temporary physical ...