Cybersecurity strategy…. To Plan or not to plan…That is the question

March 25, 2021 | Carisa Brockman
Carisa Brockman

Carisa Brockman

Carisa has worked as part of the AT&T family for over 18 years (through acquisitions). She is well-versed in business management practices and has focused on strategic planning, information risk management, compliance management, enterprise policy management, cross-functional process design & management, consolidation & integration of enterprise security functions, and organizational effectiveness. Carisa joined AT&T Consulting via the acquisition of VeriSign Global Security Consulting, where she served as a Senior Manager. Prior to VeriSign, Carisa worked at the Minnesota Department of Human Services in IT Security. Today, as part of AT&T Consulting, Carisa leads the Governance, Risk, and Compliance Security Consulting Practice. She is responsible for providing strategic direction and vision to grow the business through collaborative relationships with account teams, management, staff, and business partnerships, defining and refining service offerings based upon market drivers and conditions and regulatory landscape, and managing client relationships and business development for practice. Carisa is married with three children. She holds a CISSP, CISA, and CCSFP certifications, a BA in History from University of Minnesota – Twin Cities, and resides in Oconomowoc, WI.

March 25, 2021 | Carisa Brockman

Cybersecurity strategy…. To Plan or not to plan…That is the question

What is a strategy?  As defined by Merriam Webster…. ‘a carefully developed plan or method for achieving a goal or the skill in developing and undertaking such a plan or method.’  A cybersecurity strategy is extremely important, but many organizations lack a strategy, or they have not kept their strategy and subsequent roadmap current. …

June 14, 2020 | Carisa Brockman

NIST cybersecurity framework (CSF) explained: what is NIST?

The NIST Cybersecurity Framework (CSF) has only been around for four years and while developed for critical infrastructure, resulting from Executive Order 13636, it has been widely adopted across both private and public sectors and organizational sizes.  It is used inside of the US government, with 20 states using it (at last count). In addition, international organizations such as the Italian…

Get the latest security news in your inbox.

Subscribe via email


June 9, 2020 | Carisa Brockman

Fireside chat: cybersecurity thought leadership

In these trying times, the issues in cybersecurity are changing. Some emerging key themes we are seeing as consultants are: A suddenly remote workforce An acceleration in digital and cloud transformation A surge in cybercrime related to COVID-19 How does having a robust security framework with well-defined policies enable companies to react quickly when a major disruption occurs?  It…

May 4, 2020 | Carisa Brockman

Data security governance explained

Security, privacy, and risk does not have to be scary… but with GDPR, CCPA, and organizations moving to a risk-based approach to security rather than focusing on only compliance, it has become a daunting challenge.  What is typically at the heart of organizations?  Data and information.  The common denominator that makes security, privacy and risk more…