Blog Posts Tagged with "Consulting"


"Buying In" to the Information Security Industry

October 23, 2011 Added by: Jackie Singh

You're growing of age at a time when "security" is a fairly new concept. Governments and companies are throwing money at these problems in the hopes they will go away, and will be doing so at an increasing pace for quite the foreseeable future. That's where you come in...

Comments  (9)


Changing the Landscape of Pentesting

October 11, 2011 Added by: Andrew Weidenhamer

Today’s market has become diluted with companies and individuals claiming they can perform penetration assessments - if you don’t believe me attend Defcon once. Organizations need to have a better understanding as to how these hired service providers are actually performing these assessments...

Comments  (4)


I Am Certified - You Are Secured

July 18, 2011 Added by: J. Oquendo

Security? I don't care for it. Companies don't want security. They do not want assurance. They want a framework to ensure they did no wrong. My goal is simplified ten-fold, and my aim is to ensure that someone on the C-level can cross their T's, dot their I's and get on with their game of golf...

Comments  (29)


Engaging a Team for a Security Analysis

June 29, 2011 Added by: Bozidar Spirovski

Being involved in a security project requires a lot of resources: a good measure of knowledge, a huge measure of experience, some amount of software and personnel. Usually time is in short supply, so this is compensated by more computers or more people...

Comments  (1)


Fake Security Firms Will Be Exposed

June 09, 2011 Added by: Boris Sverdlik

Joe Black has built a reputation around certifications and misinformation. He has a very interesting career, that we can trace back to his days at Wright Printing in 2005 according to his LinkedIn Profile which is also about the time he was supposedly enrolled at ITT...

Comments  (9)


How to Replace an Enterprise SIEM

May 18, 2011 Added by: Anton Chuvakin

Be prepared to keep the old SIEM running - without paying for the support contract, of course - or at least keep the old data backups – this becomes important if complete data migration is impossible due to architecture differences between the new and old SIEMs...

Comments  (0)


How to Become an ISO 27001 and BS 25999-2 Consultant

March 15, 2011 Added by: Dejan Kosutic

Becoming a consultant is not easy – not only do you have to excel in your knowledge of ISO 27001/BS 25999-2, you also have to be able to define and price your services, define and approach your target markets, manage your projects etc. If you approach this venture carefully, chances are you will succeed...

Comments  (0)


EHR and Consulting: Case of the Unpopular Mandate

February 07, 2011 Added by: Mike Meikle

Things seem to not have changed since 2004. EHR is still unpopular, expensive and with the latest research in hand, doesn’t seem to improve productivity or patient care quality. This seems to be true even if you tack on expensive Clinical Decision Support (CDS) systems...

Comments  (0)


Seven Steps to Improve Small Business Data Security

January 14, 2011 Added by: Danny Lieberman

Many consultants tell businesses that they must perform a detailed business process analysis and build data flow diagrams of data and business processes. This is an expensive task to execute and extremely difficult to maintain that can require a large quantity of billable hours...

Comments  (2)


Choosing a Security Consultancy

November 23, 2010 Added by: Javvad Malik

You cannot outsource blame. You HAVE to take responsibility for your organization's mistakes. Whether they be IT, vendor, even mistakes made by your most trusted employees. You don’t have to be an expert in security, you just have to make informed decisions to control your organization...

Comments  (1)


Most annoying consultants

June 13, 2010 Added by: Javvad Malik

Infosec would have a better reputation if all consultants were perfect like me. When speaking to a project manager, we should have completed our research. Scoured the internet, finding out what a particular application does and how many security vulnerabilities are out there. The list goes on, but suffice to say a good consultant always does their homework before they actually start talking t...

Comments  (3)