- Blog
- Don’t press that panic button!
- Your cyber insurance probably isn’t good enough.
- When your Business Continuity/Disaster Recovery Plan is a Disaster…
- How to start a career in cybersecurity, according to a hiring manager.
- Patching Keeps the Lights On (Except when it Doesn’t)
- How to get a SOC 2 certification: A comprehensive guide.
- How to read a SOC 2 Report
- I have “Zero Trust” in VPNs.
- Don’t be an Attacker’s First Option
- Gmail vs Outlook for Business Email Security
- Are you tracking root logins in AWS?
- E-commerce Fraud and how your Business can Avoid it
- The Asset of Asset Management
- Doing the Legwork Once, for Everyone; Laika’s Vendor Database
- Security’s Chicken and Egg: Operationalizing the Security Maturity Model
- Software Composition Analysis: Use it to Clean Out Your Old Code!
- How Resilient is Your Business?
- B2B Customers want cybersecurity compliance: MASV’s TPN Story.
- 54 months in: what I’ve learned starting a cybersecurity company.
- Top Fractional CISO Blogs of 2021
- What does a bad auditor mean for your business?
- One Size Fits Nobody
- Log4Shell Logo
- Serious vulnerability: Log4J
- What are the best Google Workspace security settings?
- 3 Advanced Incident Response Tabletop Exercise Scenarios
- What Your MSP Doesn’t Know, Can Hurt You
- AWS CISO Stephen Schmidt and his “Cybersecurity Airbag” defense tools.
- Why you should use a Cloud Backup Service.
- Communicate Better with the Organizational Security Maturity Model
- Don’t Mess with your DNS!
- How to create an AWS Sandbox for your business.
- How SOC as a Service can help Sarah in Operations
- 4 new and devious phishing techniques with example phishing emails.
- Vendor risk management programs: a simple and practical approach.
- Plan now for a cyber attack… on your vendors!
- ByteChek: Can you get SOC 2 software and an audit under one roof?
- Multi-Factor Authentication: Everything you Need to Know
- The Secret Web Browser Monopoly
- Cyber insurance: why are so many companies suddenly uninsurable?
- How does SOC 2 software like Tugboat Logic help you build a compliance program?
- From Dirty Laundry to Cleaning up Your Security Program: How I became a vCISO
- Congrats to Alexia Antoine! 2021 vCISO Cybersecurity Scholarship Recipient
- Allowlist and blocklist are better terms for everyone, let’s use them.
- Are You Taking on More Risk Than Necessary?
- Microsoft Office 365 email security defaults are bad, so fix them!
- All Businesses Need DDoS Protection
- Fractional CISO releases SOC 2 Software Vendors White Paper
- Cybersecurity Programs Take Time
- Privacy Shield is Dead, Long Live Privacy Shield!
- Browser Extension Security – What browser does it best?
- A 3-Point Ransomware Defense Strategy for Small to Midsize Businesses
- Incident Response: Putting the Puzzle Pieces Together
- SOC 2 Type 1 vs Type 2: Get a Type 2!
- SOC 2 vs ISO 27001
- Prevent Email Spoofing with EmailSpoofTest
- SOC 2 Trust Services Criteria: An Easy Guide
- Is Your Cyber Insurance Broken?
- Can you teach employees how to phish to help them avoid phishing?
- Public WiFi: A double espresso for you and passwords for the bad guys.
- Splitting Hairs on Split Tunneling
- Slack Shared Channel Metadata Exposure
- Security and Compliance – Cousins, Not Twins
- Hourly Billing Will Undermine Your Cybersecurity Program
- Do you have A+ or F- website security? Find out with Mozilla Observatory!
- The Groundbreaking 2015 Jeep Hack Changed Automotive Cybersecurity
- A Surefire Way to Undermine your Cybersecurity Program
- WhatsApp Privacy Policy 2021 – I told you so.
- How to Protect Grandma’s inbox with Canarytokens
- Be Like Netflix, not Reddit: SaaS Disaster Response
- The Secret Ingredient to a Successful Cybersecurity Program!
- Human Root of Trust
- Multi-Factor Authentication: One Security Control you can’t go Without!
- Top Fractional CISO Blogs of 2020
- Should you hide your Wi-Fi SSID?
- Three Lessons from The Ticketmaster Breach
- Why you should NOT be using xfinitywifi hotspots.
- SOC 2 Compliance is Cybersecurity Customized, not Prescribed.
- Free Cybersecurity Training: Good, but not Great.
- Three Keys to a Great Internal Audit
- Password Hints: Could your ex guess your password?
- Announcing the First vCISO Cybersecurity Scholarship Winner!
- How to be a CSA STAR
- When SIMPLE Simply Isn’t
- My Fintech Cybersecurity Journey – Out of the Bubble
- Elon Musk: Cybersecurity’s Iron Man
- Pro Tip: Google Vault
- Three Lessons From the Garmin Ransomware
- COVID and Cyber Hygiene: Not That Different
- How Do You Pronounce CISO?
- Fintech Virtual CISO Case Study
- WhatsApp vs Signal vs Telegram Security in 2020
- Pro Tip: Exercise Caution with G Suite Marketplace Apps
- Managing Supply Chain Havoc
- How Secure Are Your Employees’ Home Networks?
- Starting your cybersecurity program
- FCISO
- How to set up Threat Intelligence via Slack for Free
- How to Gamify Your Incident Response Planning (And Make It Fun)
- Correct Horse Battery Staple Review – Password Advice
- Pro Tip: Sending Secrets via Signal
- Fast and Easy Video Conferencing Comes With a Price
- G Suite Access Control Audit Tip
- Are You Treating Your Cybersecurity Like a Rental Car?
- Why the Corp.com Sale Matters to You
- Every Company Needs a Jessica
- Should I become a Virtual CISO? What I wish I had read 30 months ago
- Just Okay Is Not Okay
- Don’t Click That Link!
- Disney+ Account Compromise
- SSCP: Gliding into a New Security Career
- Can You Hear Me Now?
- 3 Tips to Make Your Vulnerability Report Pop
- Sales troubles? Call the cybersecurity specialist!
- How many organizations have access to my email?
- 25 months in: What I’ve learned starting a cybersecurity company
- vCISO video
- How to find the Fractional CISO brochure
- IoT Platforms: The Top Six
- Fractional CISO in the news
- Meraki Review: Is it the right Security Appliance for your organization?
- Pen Test. Do I need one?
- WiFi Pineapple: Can Still Compromise Your Network in 2019
- Cybersecurity Breach Bankruptcy: It Does Happen
- NIST Cybersecurity Resources During the Shutdown
- Top Fractional CISO blogs of 2018
- Cryptocurrency: Not Ready for Prime Time
- SOC 2 Audit: How to Comply with the Tough New Changes
- 18 months in: What I’ve learned starting a cybersecurity company
- Does your organization need a Password Manager?
- Understanding IoT Identity
- Four steps to securing your IoT Identity from ex-employees
- Is your website about to go dark?
- Typeform Data Breach: 100,000 Records and Counting
- Cybersecurity Risk Assessment – A Better Way
- IoT cybersecurity standards
- Do I need a CISO? A guide for NY Financial Advisors
- NY Cybersecurity Regs: Four Things Every New York State Financial Institution MUST DO!
- Why Fractional CISO: How medium-sized businesses can improve their cybersecurity posture
- What large RIAs need to do to comply with NY State DFS cybersecurity regulations in 2017
- What small RIAs need to do to comply with NY DFS cybersecurity regulations
- Announcing RIA Cybersecurity Risk Worksheet
- Mothers, don’t let your babies grow up to use the ‘admin’ username
- Why a virtual CISO for your medium-sized business makes sense
- Password Advice – xkcd
- Password advice from the wicked
- Business Email Compromise
- How to check if someone is really a CISSP
- Temporary CISO
- Interim CISO
- How Registered Investment Advisors can avoid the SEC’s cybersecurity wrath
- Welcome to Fractional CISO!