Services to improve processes. SaaS applications to sustain them.

Blog

1,000 Eavesdroppers… In Your Pocket

By on Jul 9, 2015 in Blog |

Several years ago, I had a conversation with an individual who adamantly claimed that jailbreaking and rooting mobile devices actually improved security. His claim rested on the argument that jailbreak and root tools commonly patch the vulnerability used to circumvent the OS protections designed to prevent system level access. He claimed that the patch actually...

Read More

NIST CSF Metrics

By on Apr 30, 2015 in Blog |

Frequent readers know metrics are a passion of mine. They provide key stories to answer: Should we invest more or less in security Are we performing to commitments Which groups are top performers Recently SIRA started a project to define metrics based on the NIST Cyber Security Framework (CSF). I applaud and support the effort! Currently they’re looking for...

Read More

Welcome to GRC Select

By on Apr 10, 2015 in Blog |

Caliber Security Partners is proud to announce the GRC Select suite. With Compliance Communicator advancing out of beta, we’re positioning the legacy term of Security Process Management to GRC Select. Please visit the GRC Select landing page and let us know what you...

Read More

Conducting a HIPAA/HITECH Risk Assessment with SPM

By on Sep 23, 2014 in Blog |

Using Security Process Management Suite (SPM) to conduct a HIPAA/HITECH Risk Assessment Recently, I had the opportunity to conduct a HIPAA/HITECH Risk Assessment for a regional healthcare provider. In this project, a HIPAA/HITECH compliance assessment was required prior to the risk assessment work. After the project kick-off meeting, various meetings were held with...

Read More

Reviewing Access Control Strategy

By on Sep 11, 2014 in Blog |

Often in security we get so caught up in firewall rules, anti-virus alerts, answering audit or compliance surveys and such that we sometimes put the cart before the horse. We focus on implementing the little details without developing or updating our overall strategy. Security is, in essence, the art of defining and applying appropriate administrative, technical and...

Read More

Being an Aware Security Leader

By on Jun 26, 2014 in Blog |

I’m an avid hiker and have been a youth leader in several organizations over the past 20 years or so. In outdoor leadership, a core component of leadership is awareness: awareness of environment, group and self (see “AMC Guide to Outdoor Leadership” by Alex Kosseff). As security leaders, maintaining awareness is also a critical component in...

Read More