Data privacy and data governance fundamentals of the NIST Privacy Framework

September 22, 2020 | Zachary Curley
Zachary Curley

Zachary Curley

Zach is a Consultant in the AT&T Cyber Security Solutions, Business Services offering. He has experience in numerous industries including Healthcare, Entertainment, and Management Consulting, and has advised companies in the Fortune 100, all the way down to sole-proprietorships. Having started on the technical side of Information Technology, he has a strong understanding of infrastructure and IT operations. His work has helped clients create, mature, audit and secure their Information Security and Privacy programs, and identify and remediate gaps and weaknesses in their organization. Zach specializes in Data Privacy and Vendor Management and has created, launched, and managed numerous third-party risk management programs during his career.

September 22, 2020 | Zachary Curley

Data privacy and data governance fundamentals of the NIST Privacy Framework

As of January 16, the National Institute for Standards and Technology (NIST) published the first version of their privacy framework. For those of you familiar with NIST frameworks you will already be accustomed with the way NIST presents control categories, controls, sub controls, et cetera. This framework includes the following categories: Identify Govern Control Communicate Protect Some of these controls have…

July 6, 2020 | Zachary Curley

Improving workflows to speed security implementation

Introduction Limited budgets, limited staff, limited time. Any security professional will have dealt with all of these repeatedly while trying to launch new initiatives or when completing day-to-day tasks. They are possibly the most severe and dangerous adversaries that many cybersecurity professionals will face. They affect every organization regardless of industry, size, or location and pose an existential threat to…

Get the latest
security news
in your inbox.

Subscribe via email

RSS

April 23, 2020 | Zachary Curley

Why cybersecurity needs a seat at the table

Introduction A shift has occurred in the bastion of corporate hierarchy in the last few decades that has fundamentally changed how organizations operate. This shift started about sixteen years ago in 1994 with Citibank/Citigroup. After suffering a cybersecurity incident, they created the role of Chief Information Security Officer (CISO); a role which has only grown in prominence since. It&rsquo…

February 18, 2020 | Zachary Curley

Why vendor management is a cornerstone of security

When it comes to building a security program, one of the most frequently overlooked areas is that of vendor management. Organizations focus significant resources on internal security, such as vulnerability scans, centralized log management, or user training, while not extending the same diligence towards their third-parties. Organizations end up trusting the security of their network and data to an unknown…