The hope is by reading this you know enough to identify the capable resources (internal staff and/or vendors) who can help you on this journey. At a minimum, this blog post should raise additional questions!
Posts By Lester Godsey
How to start a formal infosec program: If you start thinking along these lines, you will certainly be headed in the right direction.
Here’s how you can take a pragmatic, business-centric approach to your cyber terms and conditions that will help to minimize risk.
Our jobs should be to ensure that the goods and services we procure meet minimum cybersecurity/data requirements.So take a look at what your organization’s Ts and Cs are and see how out of date they are.
Why should government organizations share cyber intelligence? Cyberspace is much like outer space – it can get lonely out there if you don’t have a group that has your back.
Social media is a critical platform for government agencies to connect with their constituents but it has also become a new infosec threat vector.
Part 2 will focus on how we build skills to fill organizational gaps, get ahead of bad actors and develop our team members.
Government is in competition for information security professionals. How do we attract and hire qualified infosec staff, as well as develop key skills?
We focus on some additional benefits of formal information security risk management and talk about risk tolerance and risk thresholds.
Here are some best practices for equating how information security can reduce risk to a level that is acceptable to your agency.