by Matt Stuart | Apr 3, 2018 | Blog
Overview: Information security for an organization is an ongoing process of users interacting with technology through a combination of policies, procedures, software and hardware to provide data confidentiality, integrity, and availability. All users are part of the...
by Matt Stuart | Mar 22, 2018 | Basics, Blog
Stakeholder is a term for an individual impacted by a corporation’s activities, in contrast to a shareholder, who is a part owner of the corporation. It originated from Ian Mitroff’s book “Stakeholders of the Organizational Mind” and...
by Matt Stuart | Feb 26, 2018 | Blog
A corporate data network transmits billions of data packets per day internally and out to the Internet. The data flow creates event records from many sources such as firewall security logs, user account sign-on logs, and data resource access logs. By NIST 800-53...
by Matt Stuart | Jan 5, 2018 | Basics, Blog
There’s a humorous sign frequently seen in various kinds of offices and workshops around North America. It says simply, “Fast, Good, or Cheap: Choose Two!” It’s a simple but useful model demonstrating the tradeoff between the constraints of quality, time, and cost. In...
by Matt Stuart | Nov 22, 2017 | Blog
There’s a looming disaster on the cyber horizon coming to the Internet and cellular communications in the next few years (McGrew, 2015). Specifically, 90% of the current encryption used for data transmission on the Internet and in cellular phones will cease to be...
by Matt Stuart | May 19, 2017 | Blog
A complete and mature organizational cybersecurity infrastructure requires the use of a governance framework such as COBIT 4.1 aligned with a security control framework such as ISO/IEC 27002:2005. This provides a process to manage the complex security control...