Cybersecurity & Information Security — United States
Cybersecurity and information security as a practice — NIS2/DORA/CRA, NYDFS 23 NYCRR 500, CMMC, SOC 2 / ISO 27001, ANSSI/EBIOS/PSSI, incident-response and operational-resilience programs, and security-control evidence.
Skills
United States
·
cybersecurity
CMMC 2.0 Compliance Skill
Expert CMMC 2.0 (Cybersecurity Maturity Model Certification) advisor for US defense contractors and subcontractors in the Defense Industrial Base (DI…
United States
·
cybersecurity
Incident Response Plan and Playbook
Drafts incident response plans and playbooks for legal organizations, adapting NIST SP 800-61 to law firm contexts including privilege preservation, …
United States
·
cybersecurity
Incident Response Plan and Playbook
Drafts incident response plans and scenario playbooks for U.S. legal organizations, aligning NIST SP 800-61 Rev. 2 phases with ABA Model Rules 1.1/1.…
United States
·
cybersecurity
NYDFS Expert
NYDFS 23 NYCRR 500 expert for financial services. Deep knowledge of New York Department of Financial Services cybersecurity requirements including al…
United States
·
cybersecurity
NYDFS Information Security Program (23 NYCRR 500)
Drafts a comprehensive Information Security Program compliant with NYDFS Cybersecurity Regulation (23 NYCRR 500). Covers CISO designation, risk asses…
United States
·
cybersecurity
Written Information Security Program (WISP)
Drafts a Written Information Security Program compliant with Massachusetts 201 CMR 17.00 and supplementary frameworks (GDPR, CCPA, HIPAA, GLBA, PCI-D…