George Grachis

Opinions expressed by ICN authors are their own.

A Senior Security Compliance Consultant for Maxis360, has over 25 years’ experience in the Tech Sector. His experience includes over a decade supporting the Space Shuttle program for Computer Sciences Corporation, Dictaphone Healthcare Applications Engineer, security management for CFE Federal Credit Union, and IT auditing & consulting for McGladrey. He also has served as Chief Security Officer for Satcom Direct.

George holds both the CISSP, and CISA certifications. George Received the ISSA fellow Designation in 2016 and is currently an active senior board member of ISSA, ISACA & InfraGard. More recently he enjoys writing articles for his CSO Online blog, Virtual CISO.

The opinions expressed in this blog are those of George Grachis and do not necessarily represent those of IDG Communications Inc. or its parent, subsidiary or affiliated companies.

Continuous IT audits are needed to combat today's cyber threats

HIPAA compliance report card

HIPAA compliance report card

The HIPAA data breaches immediately followed the US government's directive to push healthcare data online as part of the American Recovery and Reinvestment Act Jan 1 2014. HIPAA is a law that is implemented with IT frameworks like...

Make cybersecurity great again!

Make cybersecurity great again!

We are losing the battle of cybersecurity, cyber criminals put 100% into planning and attacks and we cant even fund a cyber security role for all internet-connect businesses!

Law firms subject to same cyber risk as others, but is compliance required?

Law firms subject to same cyber risk as others, but is compliance required?

Law firms are handling some of the most sensitive and private information, this includes but is not limited to healthcare, private business deals, financial assets, mergers and acquisitions, intellectual property, credit cards and so...

2016: A reflection of the year in cybercrime

2016: A reflection of the year in cybercrime

A look back at 2016 predictions in cyber crime and how it all actually played out.

Hillary or Donald: Who is more cybersecurity savvy?

Hillary or Donald: Who is more cybersecurity savvy?

Cybersecurity and the role of the President. What they say is one thing, what about their track record is something else altogether.

IT audits must consider the cyber kill chain and much more!

IT audits must consider the cyber kill chain and much more!

Its not enough to perform an IT audit to achieve compliance alone, Today's threat landscape includes sophisticated APT's, Advanced Persistent Threats, Remote access Trojans and Ransomeware to name a few, In order for an IT audit to...

Florida privacy law adds breach notification and strengthens compliance

Florida privacy law adds breach notification and strengthens compliance

A brief intro to US State and Federal Law and how they work to govern the United States, An intro to the FIPA (Florida Information Protection Act) and how it works with existing compliance to strengthen it and better protect business...

5 more critical IT policies you should have in place

5 more critical IT policies you should have in place

In this article we cover part 2 of 10 IT policies every organization should have.

A pen test a day keeps hackers away

A pen test a day keeps hackers away

Penetration testing has evolved from a nice to have test to a mandatory test, Besides compliance a PEN test will tell you just how secure your organizations data really is. Your network is being scanned and attacked daily, don't wait...

Critical IT policies you should have in place

Critical IT policies you should have in place

When we talk to clients as part of an IT audit we often find that policies are a concern, either the policies are out of date or just not in place at all. This often stems from the fact that no-one has been assigned to a permanent...

Is your healthcare organization leaking data?

Is your healthcare organization leaking data?

Recent news headlines and research has illustrated that healthcare organizations are either leaking data from various servers and medical devices or they are being hit with ransomware. This article looks at some of the reasons why...

Load More