Tag: Tools and Tips

Annual Security Training – Design, Develop and Deliver

Have you struggled to establish a security training environment within your organization, or to explain the “whys” to senior leadership to gain traction and support for implementing your vision? This is a common problem for companies of all sizes and ages and may be easier to solve than you think. This series will break down how to design, develop, and [...]

January 17th, 2020 | IT Audit & Compliance | 0 Comments

An Insider’s Perspective on Choosing a Security and Compliance Partner That Is Right for Your Business

A few things to consider when choosing a consulting firm partner. At risk3sixty, we interact with a lot of prospective customers who want us as a security consulting partner. Some firms ask great questions and have a clear understanding of what they are looking for. Others need a little more help figuring things out. Security, privacy, and compliance are complex [...]

January 13th, 2020 | CISO Discussions, IT Audit & Compliance | 0 Comments

How to Create Effective Policies

How to leverage information security policies to level up your security program. People often regard information security policy as a "check-the-box" compliance initiative. Many organizations will copy a policy template, make small revisions applicable to their context, and then forget about it. But an information security policy that directs the organization is as crucial to a security program as [...]

Craftsmanship in Music and Compliance

If you’ve been on stage for a speech or performing arts, you know stage fright is real. Businesses can get nervous when they hear the word "audit" in the same way musicians can get nervous before a performance. However, there is one great way to alleviate that fear: preparation. If your business prepares well, you will see the fruits of that [...]

An Introduction to Active Defense

Global research and advisory firm Gartner forecasts that information security spending will exceed $124 billion in 2019, yet cyber defenses continue to fail. Organizations large and small continue to experience breaches of all varieties resulting from zero-day exploits, failures in vulnerability patching, and phishing. The market has responded with a variety of security governance and control frameworks including CIS 20, ISO [...]

November 18th, 2019 | Cyber Risk Management, Penetration Testing | 0 Comments

What Are Your Privacy KPIs?

Identifying and maintaining measures of success in privacy programs. The publication of ISO 27701 is an exciting development for all companies looking to enhance and potentially certify their privacy programs. As companies race to digest and implement the new standard, many questions arise around how to address some of its particular requirements. One such area involves the governance of an ISO [...]

November 4th, 2019 | ISO 27001 Compliance, Privacy Compliance | 0 Comments

Five Ways to Make the Board of Directors and Executives Very Happy

Unless you are part of senior management, the closest most of us come to the Board of Directors (BODs) or executives is reading their Ivy League bios on the company website. But a good consultant knows the way to your boss's heart is by making the BODs very happy. The good news is making the bigwigs happy isn't that hard - you [...]

Top 10 IT Risk Frameworks and Resources

I have an entire folder full of risk frameworks that I draw from for inspiration when I'm performing a risk assessment or internal audit project. Here are a few links that I hope you find helpful. If you have something useful not listed below, please share in the comments! NIST Cybersecurity Framework Here NIST Cloud Computing Framework Here NIST Computer Security Framework [...]

May 7th, 2015 | Cyber Risk Management | 3 Comments

Managing India’s Growing IT Presence

Gateway to India. Taken by me. For the past two weeks I have been in Mumbai, India (Bombay) working on an IT security project. The trend of U.S.-based companies doing business in India is an ever-growing phenomenon, but comes with its own set of logistical and technology issues that must be carefully balanced with monetary savings. Here are [...]

April 28th, 2015 | IT Audit & Compliance | 4 Comments