George Grachis

A Senior Security Compliance Consultant for Maxis360, has over 25 years’ experience in the Tech Sector. Some of his experience includes over a decade supporting the Space Shuttle program for Computer Sciences Corporation, Dictaphone Healthcare Applications Engineer, Security Management for CFE Federal Credit Union, IT Auditing & Consulting for McGladrey and served as Chief Security Officer for Satcom Direct. George holds both the CISSP, and CISA certifications. George Received the ISSA fellow Designation in 2016 and is currently an active senior board member of ISSA, ISACA & InfraGard. More recently he enjoys writing articles for his new CSO Online Blog Virtual CISO

HIPAA compliance report card

Make cybersecurity great again!

Make cybersecurity great again!

We are losing the battle of cybersecurity, cyber criminals put 100% into planning and attacks and we cant even fund a cyber security role for all internet-connect businesses!

Law firms subject to same cyber risk as others, but is compliance required?

Law firms subject to same cyber risk as others, but is compliance required?

Law firms are handling some of the most sensitive and private information, this includes but is not limited to healthcare, private business deals, financial assets, mergers and acquisitions, intellectual property, credit cards and so...

2016: A reflection of the year in cybercrime

2016: A reflection of the year in cybercrime

A look back at 2016 predictions in cyber crime and how it all actually played out.

Hillary or Donald: Who is more cybersecurity savvy?

Hillary or Donald: Who is more cybersecurity savvy?

Cybersecurity and the role of the President. What they say is one thing, what about their track record is something else altogether.

IT audits must consider the cyber kill chain and much more!

IT audits must consider the cyber kill chain and much more!

Its not enough to perform an IT audit to achieve compliance alone, Today's threat landscape includes sophisticated APT's, Advanced Persistent Threats, Remote access Trojans and Ransomeware to name a few, In order for an IT audit to...

Florida privacy law adds breach notification and strengthens compliance

Florida privacy law adds breach notification and strengthens compliance

A brief intro to US State and Federal Law and how they work to govern the United States, An intro to the FIPA (Florida Information Protection Act) and how it works with existing compliance to strengthen it and better protect business...

5 more critical IT policies you should have in place

5 more critical IT policies you should have in place

In this article we cover part 2 of 10 IT policies every organization should have.

A pen test a day keeps hackers away

A pen test a day keeps hackers away

Penetration testing has evolved from a nice to have test to a mandatory test, Besides compliance a PEN test will tell you just how secure your organizations data really is. Your network is being scanned and attacked daily, don't wait...

Critical IT policies you should have in place

Critical IT policies you should have in place

When we talk to clients as part of an IT audit we often find that policies are a concern, either the policies are out of date or just not in place at all. This often stems from the fact that no-one has been assigned to a permanent...

Is your healthcare organization leaking data?

Is your healthcare organization leaking data?

Recent news headlines and research has illustrated that healthcare organizations are either leaking data from various servers and medical devices or they are being hit with ransomware. This article looks at some of the reasons why...

Third-party vendors must abide by HIPAA privacy rules as well

Third-party vendors must abide by HIPAA privacy rules as well

This month I cover the HIPAA business associate rule, the FIPA, (Florida Information Protection Act) and summarize the latest FDA cyber security medical device guidance.

Load More