Survival Guidance! FedRAMP and FISMA Resource for Assessing the Security Controls in Federal Information Systems and Organizations

Survival Guidance! and is making our auditor’s resource for assessing the security controls in federal information systems and organizations free. This is a resource based on the NIST 800-53A framework you may freely use to conduct your organization’s FedRAMP, HIPAA or best practice based security audits. Your results are private and the output… Read More

Information Security By the Numbers

The Security Trifecta is a comprehensive and innovative approach to holistic security, risk, governance and privacy coverage for the enterprise. Because the methodology is universally applicable and ultimately sustainable, it has become the perfect model for any size organization regardless of business concentration. In fact, the more critical, the more regulated, the more sensitive the… Read More

HORSE Project Wiki is now on

The Holistic Operational Readiness Security Evaluation, also known as the HORSE Project, is now on The original wiki is now over four years in production and continues to be a great resource. Participants benefit from potentially earning CPE credits when they write original page plus contributions to the wiki. It also looks great on… Read More

ISSA Senior Member Nomination

I was humbled and honored to be nominated by the Board of Directors of the Kentuckiana ISSA chapter in Louisville Kentucky for ISSA Senior Member. I’ve been out of the Kentuckiana territory for a number of years to be the Chief Information Security Officer for Colonial Bank (Now BB&T Bank). I’ve been a member of… Read More

A horse by any other name ….

If I were to be asked by anyone which volunteer activity I am most proud of, it would be my brain-child pet project known globally as the HORSE Project. The Holistic Operational Readiness Security Evaluation (HORSE) project has been a four year commitment to the education, enlightenment, collaboration, knowledge sharing, and awareness of the global… Read More

CIO Finance Summit Closure

It is always good to visit with the folks from CDM Media in Scottsdale Arizona. I was invited to participate in a CIO Panel Discussion titled: “Security, Encryption and Fraud: Future proofing the banking system and ensuring greater consumer protection.” Scott Crawford, Managing Research Director, Security & Risk Management with EMA moderated. Mike Kearn, ISO… Read More

Cloud Computing: Part 2

Internet information exchange and commerce has matured to the point that we cannot imagine how we would run our businesses without technology anymore. We have created elaborate systems and constructed solid disaster recovery and business continuity mechanisms to protect our digital assets. Until recently, these Internet facing systems have resided on dedicated computers that we… Read More

Sam Snyder

I recently became aware of Sam Snyder who has taken in interest in indexing what he deems as successful professionals. His blog is here: He created a web site that is one of the world’s most extensive sources of advice and insights from top entrepreneurs, executives, and investors. It’s located at: I appreciate… Read More