Thinkers360
Interested in getting your own thought leader profile? Get Started Today.

Alex Sharpe

Principal at Sharpe Management Consulting LLC

Clinton, United States

Big 4 Trained Management Consulting with Real-World Operational Experience

Executive, Management Consultant, Advisor
Digital Transformation, Cybersecurity, Privacy, Strategy, Operations, M&A
Speaker, Author

Work History.
Sharpe Management Consulting LLC
eForce, VP East Coast and Global Operations
The Hackett Group, Co-Founder
KPMG, Practice Leader
Booz Allen & Hamilton, Practice Leader
National Security Agency (NSA)

Formal Education.
Columbia Business School, two awards of merit
Digital Transformation, Finance, Strategy, Globalization
Value Investing
Johns Hopkins University, Masters
Systems Engineering, Operations Management, Program/ Project Management
New Jersey Institute of Technology (NJIT), BSEE
Computer Science, Math

Executive Education.
George Washington University, Engineering Economics
Carnegie Mellon University (CMU), Information Networking Institute (INI)
MIT
First Finance Institute (FFI)

Certifications.
CMMC RP
ISACA CDPSE (Certified Data Privacy Solutions Engineer)
INFOSEC (Cybersecurity) Analyst (NSA)
Cryptologic Engineer (NSA)
Mergers & Acquisitions (M&A)
Blockchain Technologies: Business Innovation and Application
Intellectual Property (IP)
Business Analytics
Globalization

Available For: Advising, Authoring, Consulting, Influencing, Speaking
Travels From: Morristown, NJ
Speaking Topics: Cybersecurity, Value Creation, Digital Transformation, Governance Risk Management and Compliance (GRC),, Critical Infrastructure

Speaking Fee $1 (In-Person)

Alex Sharpe Points
Academic 221
Author 732
Influencer 205
Speaker 222
Entrepreneur 465
Total 1845

Points based upon Thinkers360 patent-pending algorithm.

Thought Leader Profile

Portfolio Mix

Featured Videos

Featured Topics

Sun Tzu and the Art of CyberSecurity (or Critical Infrastructure Protection)

This presentation is always well received especially when tailed to specific areas like Privacy, GRC, Risk Management, healthcare, Critical Infrastructure Protection, and the like.

Sun Tzu is traditionally credited as the author of The Art of War, an influential work on strategy that has affected both Western and East Asian philosophy. His works focus much more on alternatives such as stratagem, delay, the use of spies, the making and keeping of alliances, the uses of deceit.

Sun Tzu's work has been praised and employed in culture, politics, business, and sports, as well as modern warfare.

Technology Innovation While Mitigation Cyber Risk

Human productivity is driven by technical innovation. Whether it is the invention of the wheel or Artificial Intelligence (AI) the patterns are very consistent and the nature of the crucible that fuels the fire of innovation does not change. We explore these patterns, we look at current trends, and we talk through how to do this safely:

- cybersecurity
- privacy
- ethics
- IP protection
- Risk Management
- Creative Destruction
- Crossing the Chasm
- Accelerators

Cybersecurity Maturity Model Certification (CMMC)

CMMC brings together national standards, and international standards, with industry-accepted principles of Global Risk Management & Compliance (GRC) to improve cyber hygiene for companies and critical infrastructure (CI). Currently mandated for suppliers to the US Department of Defense (DoD) it is being looked at all of the US Government and its Allies. The recent Executive Order (EO) and extension of EU sanction only accelerate the adoption.

This presentation is often focused on specific topics like special consideration of the Cloud, coexistence with other mandates like HIPA or GDPR, or timely topics like SolarWinds and Operational Resilience (OR).

Company Information

Company Type: Service Provider
Theatre: Global
Minimum Project Size: Undisclosed
Average Hourly Rate: Undisclosed
Number of Employees: Undisclosed
Company Founded Date: Undisclosed
Media Experience: 20 years
Last Media Training: 07/16/2020
Last Media Interview: 07/03/2020

Areas of Expertise

AI 31.83
Analytics 31.24
AR/VR
Big Data 30.56
Blockchain 34.97
Business Continuity 41.62
Business Strategy 65.96
Change Management 30.21
Cloud 47.28
Cryptocurrency 39.33
Customer Experience
Cybersecurity 82.07
Design Thinking
Digital Disruption 35.30
Digital Transformation 38.06
Diversity and Inclusion 31.00
Ecosystems 30.59
Emerging Technology 31.43
ERP 30.13
FinTech
Future of Work 30.18
Health and Safety 30.79
HealthTech 30.10
Innovation 31.26
IoT 30.04
Leadership 30.12
Legal and IP 32.78
Management 30.28
Marketing 30.22
Mergers and Acquisitions 32.91
Metaverse 33.53
Mobility 30.19
National Security 92.34
Open Innovation
Predictive Analytics 30.26
Privacy 38.24
Risk Management 100
Security 31.17
Startups 30.21
Supply Chain 31.21

Industry Experience

Aerospace & Defense
Automotive
Consumer Products
Federal & Public Sector
Financial Services & Banking
Healthcare
High Tech & Electronics
Higher Education & Research
Insurance
Manufacturing
Media
Other
Pharmaceuticals
Professional Services
Retail
Telecommunications
Travel & Transportation
Utilities
Wholesale Distribution

Exclusive Content    Join Alex Sharpe's VIP Club

Publications

10 Academic Certifications
Corporate Governance: Maximize Your Effectiveness In The Boardroom
Wharton Business School, University of Pennsylvania
March 15, 2023
Today’s organizations are working harder than ever to adapt to a rapidly changing world. This requires effective corporate governance that can help them increase their accountability and avoid major disasters while also being more responsive to stakeholder concerns and more transparent with investors. Whether you’re already on a board or looking to join one, this program will help you navigate unexpected enterprise risks while capably monitoring financial performance. From the technical responsibilities of a board to the nuances of guiding an organization through contemporary challenges, you’ll get a comprehensive overview of the role of corporate governance and gain critical insights into the realities of board service.

Credential ID 70268205

See credential

See publication

Tags: Diversity and Inclusion, Ecosystems, Innovation

Digital Strategies for Business: Leading the Next Generation Enterprise
Emeritus
January 15, 2021

Credential ID 28084128

See publication

Tags: Business Strategy, Digital Transformation, Emerging Technology

Digital Strategy for Business
Emeritus and Columbia Business School
January 15, 2021

Credential ID 28084128

See credential

See publication

Tags: Business Strategy, Digital Disruption, Digital Transformation

Executive Access: Branding on a Shoe String
Columbia Business School Executive Education
January 15, 2021

Credential ID 28187447

See publication

Tags: Business Strategy, Digital Transformation, Marketing

Intellectual Property (IP) for Entrepeneurs
Columbia University - Columbia Technology Ventures SEAS
December 15, 2020

See publication

Tags: Emerging Technology, Legal and IP, Mergers and Acquisitions

Quantitative Intuition: Making Smarter Decisions with Imperfect Information
Columbia Business School Executive Education
September 18, 2020

See publication

Tags: Analytics, Business Strategy, Predictive Analytics

Mergers and Acquisitions (M&A)
Colummbia Business School and First Finance Institute
January 15, 2020

See publication

Tags: Business Strategy, Mergers and Acquisitions, Risk Management

Blockchain Technologies: Business Innovation and Application
Massachusettes Institute of Technology (MIT) Sloan School of Management
April 15, 2019

Credential ID 1519138336

See publication

Tags: Blockchain, Cryptocurrency, Emerging Technology

Globalization Strategies for Your Enterprise Globalization (Online): Strategies for Your Enterprise
Columbia Business School
May 15, 2017

See publication

Tags: Business Strategy, Digital Transformation, Risk Management

Business Analytics
Columbia Business School
April 15, 2017

See publication

Tags: Big Data, Business Strategy, Predictive Analytics

1 Academic Course
Machine Learning for Business Enablement!
ISACA
July 14, 2024
Machine learning is a longstanding subset of artificial intelligence that enables computers to learn from data. Machine learning excels at identifying patterns, detecting anomalies and automating routine, time-consuming tasks, making it an increasingly important business enabler in any industry. Recent advances in AI necessitate that digital trust professionals, of any discipline, possess not only a theoretical understanding of machine learning but also attain minimal hands-on vendor agnostic experience.

The material in this course is essential to effectively evaluate ML solutions, better assess risk, and aid responsible adoption. The end result is a well-informed professional poised to better support enterprise adoption and use regardless of setting.

To provide learners with practical experience we have included two hands-on labs. Labs will leverage Jupyter Notebook and Python to train two regression models from scratch.

See publication

Tags: AI, Business Strategy, Risk Management

4 Adjunct Professors
Adjunct Professor, Cyber Fellows
New York Unviersity
January 12, 2024
The NYU Cyber Fellows program is a master’s degree initiative designed to respond to concern over the growing shortfall in the number of cybersecurity professionals, a gap estimated by several studies to be as high as 3.5 million by 2021. Recognizing that such a shortfall presents a major cyber risk in and of itself, NYU Tandon created a master’s program that overcomes the two factors that have kept individuals from pursuing degrees in this field: time and money. NYU Cyber Fellows receive scholarships that cover roughly 75% of tuition for US residents, and as a part-time program, that offers much of the course work online, it is also an accessible program for those currently working full-time.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

“Sun Tzu and the Art of Cyberwar/ Cyber Governance”
San Diego Statue University (SDSU)
January 11, 2022

See publication

Tags: Cybersecurity, Digital Transformation, Risk Management

“Cloud Security, Audit, and Governance”
San Diego Statue University (SDSU)
January 11, 2022

See publication

Tags: Cloud, Cybersecurity, Risk Management

“Artificial Intelligence (AI) – unlocking the value while mitigating Cyber Risk”
San Diego Statue University (SDSU)
January 11, 2022

See publication

Tags: AI, Business Strategy, Risk Management

5 Advisory Board Memberships
BWG Strategy LLC
BWG Strategy
August 15, 2020
BWG is an invite-only network for senior executives across technology, media and telecom. BWG industry professionals participate in a series of roundtables discussions, which are a valuable resource for market intelligence, business development and personal / professional networking.

See publication

Tags: Cybersecurity, Digital Disruption, Digital Transformation

Advisor to Board of Directors
Toda Financial
August 02, 2020
TECHNOLOGY TO ENABLE A NEW ECONOMY

Digital assets with speed, mobility, security, privacy & clear ownership

TODA, a decentralized protocol for ownership management, enables the secure and efficient creation, ownership, and transfer of meaningful digital assets, providing a transformational digital foundation from the bottom up. TODA can represent assets in any business setting: identity, goods, services, and of course, currency. In addition to TODA, there is also the Adot Protocol, an internet application protocol that enables interoperable digital asset trade.

Our TODA-as-a-Service platform, TaaS, gives direct access to TODA and provides unprecedented trust, efficiency, and interoperability to enterprises, banks, and governments. We provide business solutions including commodity backed digital currencies, payments, remittances, loyalty, audit, regulatory supervision and supply chains.

See publication

Tags: Blockchain, Cybersecurity, Digital Transformation

2020 IT Budgets: Iteration 6 - July 2020
BWG Strategy
July 31, 2020
We directly compare results across six versions and have committed to running this report monthly through the summer of 2020. These latest results highlight trend updates and sentiment shifts across the enterprise software ecosystem.

We found more signs of stagnating budget growth in 2020. The median rate of budget growth remains at 0% YoY, in-line with our June survey.

See publication

Tags: Business Strategy, Cybersecurity, Digital Transformation

Chair, Advisory Board
Talon Companies
June 01, 2020
Working with Talon's senior leadership to expand their services and geographic coverage.

Our highly specialized team has been doing Cybersecurity long before it became popular and mainstream. Unlike many other firms, we understand the operational needs and complexities of modern business realities. We have successfully delivered our expertise to the largest corporations, government agencies, and small to medium-sized businesses, and are ready to connect with you.

See publication

Tags: Cybersecurity, Digital Transformation, Risk Management

Columbia Technology Ventures
Columbia University
January 15, 2019
There has always been a special place in my heart for startups and innovative companies. As a Mentor for Columbia Technology Ventures and the IBM Blockchain Launch Accelerator, I work with startups in the areas of CyberSecurity, Artificial Intelligence (AI), and Blockchain to transform their ideas into sustainable businesses.

See publication

Tags: AI, Cybersecurity, Digital Disruption

13 Analyst Advisorys
GRC: OneTrust vs. Apptega
IANS Research
January 24, 2024
A security team in the utilities industry is looking at GRC solutions, particularly OneTrust Certification Automation and Apptega. The team is leaning toward OneTrust but would like Faculty insights on the products. Specifically, the team asks:

* What insights do Faculty have on OneTrust and Apptega?

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Define Context Before Assigning Vendor Tiers
IANS Research
December 20, 2023
The Challenge
A security team in the construction/engineering industry would like Faculty’s recommendations for establishing vendor tiers for third-party risk management. Specifically, the team asks:

What differentiates a Tier 1 vendor from a Tier 3 vendor?

See publication

Tags: Cybersecurity, Risk Management, Supply Chain

Keep RFIs Clear and Concise
IANS Research
December 20, 2023
The Challenge
A security team in the financial services industry would like to know how to mature their vendor request for information (RFI) process. Specifically, the team asks:

* What are best practices when sending an RFI?
* What questions should we be asking upfront?
* What is the best method for receiving RFIs?
* What teams should be involved?
* What threat intelligence exists around the RFI process?
* How are other organizations managing RFIs?

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Tools & Templates, December 13, 2023 10 Questions Most Often Missed in IR Tabletops
IANS Research
December 13, 2023
This document lists 10 questions most often missed during IR tabletops. It is written from the perspective of practitioners and decision-makers.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Red Team Scenarios
IANS Research
December 07, 2023
This document provides a list of red team scenarios that simulate the actions of a threat actor after infiltrating the network. Each scenario includes various stages, such as gaining initial access, malware deployment, privilege escalation, network mapping and attempts to deploy ransomware.

To keep the scenarios current while also providing for expansion, the scenarios rely on resources available through the MITRE ATT&CK knowledge base, CISA and the NSA.

See publication

Tags: Business Strategy, Cloud, Cybersecurity

Incident Response Plan Template
IANS Research
November 28, 2023
The time for putting a comprehensive incident response plan (IRP) in place is well before you face an incident.

This template is for an operational IR guide for cybersecurity incidents, and it has been updated to comply with the SEC’s latest cybersecurity rules. Items in orange require customization.

See publication

Tags: Business Strategy, Cloud, Cybersecurity

D&O Liability Insurance: CISOs Need Coverage, Too
IANS Research
September 13, 2023
Directors and officers (D&O) liability insurance covers the directors and officers of a company against lawsuits alleging a breach of duty. This report explains the importance of D&O insurance for CISOs and offers tips for getting leadership buy-in.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Proposed Second Amendment to 23 NYCRR Part 500 - Comment
State of New York Cybersecurity Resource Center
January 09, 2023

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

"Money and Payments: The U.S. Dollar in the Age of Digital Transformation”
Global Digital Currency and Asset Association (Global DCA)
June 06, 2022
Response to Board of Governors of the Federal Reserve System, regarding Central Bank Digital Currency (CBDC).

See publication

Tags: Cryptocurrency, Digital Disruption, Risk Management

Review of Bank Secrecy Act Regulations and Guidance
Global Digital Currency and Asset Association (Global DCA)
February 14, 2022
The Financial Crimes Enforcement Network (FinCEN) is issuing this request for information (RFI) to solicit comment on ways to streamline, modernize, and update the anti-money laundering and countering the financing of terrorism (AML/CFT) regime of the United States. In particular, FinCEN seeks comment on ways to modernize risk-based AML/CFT regulations and guidance, issued pursuant to the Bank Secrecy Act (BSA), so that they, on a continuing basis, protect U.S. national security in a cost-effective and efficient manner. This RFI also supports FinCEN's ongoing formal review of BSA regulations and guidance required pursuant to Section 6216 of the Anti-Money Laundering Act of 2020 (the AML Act). Section 6216 requires the Secretary of the Treasury (the Secretary) to solicit public comment and submit a report, in consultation with specified stakeholders, to Congress by January 1, 2022, that contains the findings and determinations that result from the formal review, including administrative and legislative recommendations.

See publication

Tags: Cryptocurrency, Risk Management, National Security

USA: CMMC 2.0
Onetrust Data Guidance Magazine
January 11, 2022

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Cloud Market Outlook (Update)
BWG Strategy Insight Reporrt
January 05, 2022

See publication

Tags: Business Strategy, Cloud, Digital Transformation

Letter of Support for GeneInfoSec
AFWERX, a Technology Directorate of the Air Force Research Laboratory (AFRL)
October 18, 2021

See publication

Tags: Cybersecurity, Digital Disruption, HealthTech

56 Analyst Reports
Pulse of Cyber GRC 2025. Expert views on evolving landscapes
Sprinto
November 15, 2024
Security leaders face a complex and tumultuous threat landscape as they gear up for 2025.

The expanding cloud surface area and the rapid proliferation of innovations like AI introduce both
promise and peril. An explosion of advanced persistent threats, mounting vulnerabilities in the
supply chain, increased third-party risks, and escalating regulatory pressures only compound the
complexities.

In this climate, integrating Governance, Risk, and Compliance (GRC) into core business processes
rather than treating GRC as an add-on is the need of the hour. In fact, 61% of organizations
believe that embedding risk with business strategy is a critical priority, indicating that there’s
ample room for optimal fitment. Indeed, the most resilient companies will be those shaped by and
aligned with GRC.

However, 72% of GRC professionals say their risk management capabilities haven’t kept pace
with the world.

So, how can security leaders better leverage and align GRC to business goals, and what
technologies are best suited to support such objectives?

See publication

Tags: AI, Cybersecurity, Risk Management

Start Preparing for the NIS2 Directive
IANS Research
September 10, 2024
Designed to enhance the cyber-resilience of the European Union (EU), the Network and Information Security (NIS2) Directive greatly expands the range of organizations considered covered entities. However, before organizations can comply, member states must establish specific implementation and enforcement rules. This report explains the differences between NIS1 and NIS2 and provides guidance on how covered entities can prepare for NIS2.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Reduce the Burden of Managing Policies and Standards
IANS Research
August 12, 2024
As cybersecurity grows as a business imperative, it becomes integrated into governance, risk management and compliance (GRC) practices. It is important for cybersecurity professionals to understand those practices and adopt lessons learned. This report describes best practices for managing changes to cybersecurity policies and standards.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

California Consumer Privacy Act (CCPA) Cheat Shee
IANS Research
August 07, 2024
The California Consumer Privacy Act of 2018 (CCPA) was signed into law on June 28, 2018 and went into effect on January 1, 2020. The CCPA provided consumers more control over their personal information collected and processed by businesses. In November of 2020, the CCPA was amended by Proposition 24, the California Privacy Rights Act (CPRA) Proposition 24, the CPRA, added new privacy protections. The CPRA took effect on December 16, 2020. Many of the provisions that modified provisions of the CCPA did not become operational until January 1, 2023.

See publication

Tags: Cybersecurity, Privacy, Risk Management

India’s Digital Personal Data Protection Act Cheat Sheet
IANS Research
August 02, 2024
The Digital Personal Data Protection Act (DPDPA) was passed on August 11, 2023. The provisions of the DPDPA are yet to be defined and enforced. The Indian government is expected to produce rules to enable implementation of the law in the coming months. When the law comes into force, it will supersede the existing patchwork of data protection legislation—most notably, the rules under section 43A of the Information Technology Act of 2000.

No effective date has been established. There is no official timeline for the overall implementation. It is expected the law will come into force in a phased manner over the next 12 months. Two key milestones are required:

1. the data protection board must be established. The data protection board is the independent agency charged with enforcing the DPDPA.

2. The Indian government must complete rulemaking to establish the specifics, procedural steps and enforcement mechanisms.

See publication

Tags: National Security, Privacy, Risk Management

Japan APPI Cheat Sheet
IANS Research
August 02, 2024
In Japan, The Act on the Protection of Personal Information Act No. 57 (APPI) was first passed in 2003.
The APPI gets a check-up every three years to ensure it remains relevant. In 2017, the APPI underwent a
major change to protect a special type of data. In 2020, the APPI was modified to strengthen the rules
when data is shared outside Japan and expanded the rules regarding data breaches.
Japan is among the countries that have enacted comprehensive consumer privacy laws, focusing on
giving residents control over their personal information and imposing specific obligations on businesses
regarding the handling of consumer data. Japan has one of the longest standing privacy frameworks.
Japan also requires compliance with sector-specific requirements issued by different parts of the
Japanese government. For example, the Ministry of Health, Labor and Welfare issued guidelines like the
Guidance for the Appropriate Handling of Personal Information by Medical or Care-related Service
Providers.

See publication

Tags: National Security, Privacy, Risk Management

NIST CSF 2.0: What’s new and how to use it
OneTrust Data Protection Leader (DPL)
July 31, 2024
Version 2.0 of the Cyber Security Framework (CSF) treats cybersecurity as a business discussion. Cyber is a risk managed alongside other business risks, especially when it comes to risks driven by technology and data like privacy, supply chain, artificial intelligence (AI), and other forms of emerging technology. The word ‘risk’ appears in three times more subcategories than in version 1.1.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

New Jersey Data Protection Act Cheat Sheet
IANS Research
July 19, 2024
The New Jersey Data Protection Act (NJDPA) was passed on Jan. 16, 2024. It becomes effective and enforceable on Jan. 15, 2025. New Jersey is among the states that have enacted comprehensive consumer privacy laws, focusing on giving residents control over their personal information and imposing specific obligations on businesses regarding the handling of consumer data.

See publication

Tags: Cybersecurity, Privacy, Risk Management

Utah Consumer Privacy Act Cheat Sheet
IANS Research
July 12, 2024
The Utah Consumer Privacy ACT (UCPA) was passed on March 24, 2022. It became effective on Dec. 31, 2023. Utah is among the states that have enacted comprehensive consumer privacy laws, focusing on giving residents control over their personal information and imposing specific obligations on businesses regarding the handling of consumer data.

See publication

Tags: Cybersecurity, Privacy, Risk Management

Colorado Privacy Cheat Sheet for Infosec Professionals
IANS Research
July 12, 2024
The Colorado Privacy ACT (CPA) was passed on July 7, 2021. It became effective on July 1, 2023. Colorado is among the states that have enacted comprehensive consumer privacy laws, focusing on giving residents control over their personal information and imposing specific obligations on businesses regarding the handling of consumer data.

See publication

Tags: Cybersecurity, Privacy, Risk Management

AI Resilience: A Revolutionary Benchmarking Model for AI Safety
Cloud Security Alliance (CSA)
May 05, 2024
The rapid evolution of Artificial Intelligence (AI) promises unprecedented advances. However, as AI systems become increasingly sophisticated, they also pose escalating risks. Past incidents, from biased algorithms in healthcare to malfunctioning autonomous vehicles, starkly highlight the consequences of AI failures. Current regulatory frameworks often struggle to keep pace with the speed of technological innovation, leaving businesses vulnerable to both reputational and operational damage.

This publication from the CSA AI Governance & Compliance Working Group addresses the urgent need for a more holistic perspective on AI governance and compliance, empowering decision makers to establish AI governance frameworks that ensure ethical AI development, deployment, and use. The publication explores the foundations of AI, examines issues and case studies across critical industries, and provides practical guidance for responsible implementation. It concludes with a novel benchmarking approach that compares the (r)evolution of AI with biology and introduces a thought-provoking concept of diversity to enhance the safety of AI technology.

See publication

Tags: AI, Cybersecurity, Risk Management

The Role of Zero Trust in Reducing Your Cost of Security
The Audit Board
November 20, 2023
What is the zero trust security model and how does it work? How can it be used to reduce cost of compliance, cost of security, and cost of privacy?

Alex Sharpe provides a foundational understanding of zero trust and explains how you can leverage the model to achieve reductions in the cost of security.

See publication

Tags: Business Strategy, Cloud, Cybersecurity

Practitioners’ Guide to Managing AI Security
KPMG
June 21, 2023
The race to integrate AI into internal operations, and bring AI-based products and services to market, is moving faster than almost anyone could have imagined. Some security leaders have expressed concern that in the excitement over AI’s potential, critical security and assurance considerations are being overlooked.

Recognizing the disconnect between AI innovation and AI security, Global Resilience Federation convened a working group and asked KPMG to facilitate in-depth discussions among AI and security practitioners from more than 20 leading companies, think tanks, academic institutions, and industry organizations.

The output of this working group is the Practitioners’ Guide to Managing AI Security. The guide aims to provide insights and considerations that strengthen collaboration between data scientists and AI security teams across five tactical areas identified by the working group: Securing AI, Risk & Compliance, Policy & Governance, AI Bill of Materials, and Trust & Ethics.

See publication

Tags: AI, Cybersecurity, Risk Management

The SEC’s Cyber Disclosures
Harvard Law School forum on Corporate Governance
June 03, 2022
This post is based on a comment letter on the SEC’s cyber disclosures submitted jointly by me, Shiva Rajgopal, and my co-author, Alex Sharpe. I chair both the Cybersecurity and Board Director programs for Columbia Business School, entitled Leading Cybersecurity at Your Organization and Corporate Governance Program: Developing Exceptional Board Leaders respectively. Alex Sharpe is long-time cybersecurity and business strategy professional with real-world operational experience. He has over 30 years of experience working in these areas nationally and internationally for both the public and private sectors including the U.S. Intelligence Community and regulators.

See publication

Tags: Cybersecurity, Digital Disruption, Risk Management

Federal Reserve. Central Bank Digital Currency (CBDC) “Money and Payments: The U.S. Dollar in the Age of Digital Transformation”
Global Digital Currency and Asset Association (Global DCA)
May 20, 2022
The Federal Reserve sought feedback on the pros and cons of a potential U.S. central bank digital currency (CBDC) to determine whether and how a CBDC could improve the safe and efficient domestic payments system.

Our submission:
- suggested guardrails and regulatory environment to provide trust and stability to foster adoption
- talks about the need for the U.S. to move out on a CBDC to remain the world's fiat currency
- potentially becomes an additional tool for monetary policy
- the possible use of a wholesale token (almost all suggestions to date have been retail-based)
- talks about how a CBDC could bank the unbanked and could also be used to
- potential for financial inclusion.

See publication

Tags: Cryptocurrency, Cybersecurity, Risk Management

BWG Insights: Artifical Intelligence (AI) Industry Outlook
BWG Strategy
October 15, 2021

See publication

Tags: AI, Digital Transformation, Risk Management

End User Computing Securiy, Data Loss Detection (DLD), and Data Loss Prevention (DLP)
BWG Strategy
September 30, 2021

See publication

Tags: Cybersecurity, Digital Transformation, Risk Management

BWG Insights Report IT Budget Pulse: Sept 2021
BWG Strategy
September 15, 2021

See publication

Tags: Business Strategy, Cloud, Risk Management

BWG Insights Report IT Budget Pulse: Aug 2021
BWG Strategy
August 15, 2021

See publication

Tags: Business Continuity, Cloud, Risk Management

BWG Insights Report IT Budget Pulse: July 2021
https://bwgstrategy.com
July 23, 2021

See publication

Tags: Business Strategy, Cybersecurity, Digital Transformation

BWG IT Budget Insights Report June 2021
BWG Strategy
June 28, 2021

See publication

Tags: Business Strategy, Cloud, Cybersecurity

BWG IT Spend Insights Report April 2021
BWG Strategy
April 16, 2021

See publication

Tags: Business Strategy, Cloud, Cybersecurity

BWG Insights Report Palantir
BWG Strategy
April 16, 2021

See publication

Tags: AI, Analytics, Digital Transformation

BWG Cloud and Data Center Insights Report
BWG Strategy
April 15, 2021

See publication

Tags: Business Strategy, Cloud, Digital Transformation

BWG Strategy IT Budget Pulse
BWG Strategy
March 19, 2021

See publication

Tags: Business Strategy, Cloud, Risk Management

22 Article/Blogs
The Often-Forgotten Organizational Dimensions of Resilience and Digital Trust
ISACA Now Blog
August 30, 2024
Simply put, resilience is about remaining viable amidst adversity and being better for it. That means aligning technology strategy with business strategy and operations. It means moving away from a strategy of continually layering controls to mitigate cyber risk to a strategy where we consider different forms of risk treatments with an eye toward a collaboration among technology, people, processes and the organization.

Phil Venables, the CISO for Google Cloud and the Co-Chair of the Presidential Counsel of Advisors on Science and Technology (PCAST), said it best: “Connect the tone at the top with the resources in the ranks.”

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

National Cyber Strategy Implementation: Regulatory Harmonization and Reciprocity
Linkedin
June 10, 2024

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Malicious Cyber Activity Against Operational Technology (OT), especially Water: What You Can Do Today
Linkedln
December 10, 2023
The Energy, Food and beverage, Manufacturing, and Healthcare sectors are also affected.
Soon after the series of coordinated armed incursions into Israel by Hamas and the subsequent response by Israel, we saw a significant uptick in malicious cyber operations from Advanced Persistent Threat (APT) associated with the Iranian Government Islamic Revolutionary Guard Corps (IRGC).

See publication

Tags: Business Strategy, Cybersecurity, Digital Transformation

Protecting Our Water Supply from Cyber Attacks
Linkedin
December 10, 2023
Soon after the series of coordinated armed incursions into Israel by Hamas and the subsequent response by Israel, we saw a significant uptick in malicious cyber operations from Advanced Persistent Threat (APT) associated with the Iranian Government Islamic Revolutionary Guard Corps (IRGC).

The Energy, Food and beverage, Manufacturing, and Healthcare sectors are also affected.

Bottom Line: Basic blocking and tackling go a long way toward improving your cyber resilience. You must be especially mindful if your organization uses Israeli-made Unitronic’s Vision Series programmable logic controllers (PLCs). The hackers are prioritizing organizations using components manufactured by Israeli companies.

• Implement Multi-Factor Authentication (MFA)
• Use strong, Unique Passwords
• Check the PLCs for default passwords.

See publication

Tags: Business Strategy, Cybersecurity, National Security

The Zero Trust Device Pillar from NSA's Collaboration Center
Linkedin
October 21, 2023
This cybersecurity information sheet (CSI) provides recommendations for maturing
devices—the Zero Trust device pillar—to effectively ensure all devices seeking access
earn trust based on device metadata and continual checks to determine if the device
meets the organization’s minimum bar for access. The primary capabilities of the device
pillar are:
 identification, inventory, and authentication
 detection of unknown devices and configuration compliance checks of known
ones
 device authorization using real time inspections
 remote access protections
 hardware updates and software patches
 device management capabilities
 endpoint detection and response for threat detection and mitigation

See publication

Tags: Cybersecurity, IoT, National Security

"The human element is the most common threat vector; it was the root cause of 82% of data breaches." Data Breach Investigations Report, 2022
Linkedin
October 19, 2023
Recent incidents at MGM and @Ceasers have demonstrated the real-world impact.

“Amateurs hack systems, professionals hack people.”
Bruce Schneier

Earlier this week, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and @Multi-State Information Sharing and Analysis Center (MS-ISAC) released guidance to raise awareness of the increased threat of #phishing as part of social engineering campaigns.

See publication

Tags: Business Strategy, Cybersecurity, National Security

SEC Cyber Security Rules - More Than Regulations and Transparency
Linkedin
August 01, 2023
It was hard to miss the SEC’s passing of the first of three proposed Cyber Rule (File Number S7-09-22) last week. A lot has been written about the specifics but very little has been written about the bigger picture, its impact on senior leadership, and the long-term significance.

See publication

Tags: Business Strategy, Cybersecurity, National Security

A Must Read: Posture Statement of General Paul M. Nakasone, Commander US Cyber Command
Linkedin
April 06, 2023
I am sure you have thought about the bad guys harming us – whether they be hackers seeking financial gains through #Ransomware or #APTs stealing our #IntellectualProperty. Have you ever asked yourself, who do we have? What is our offensive cyber capability that keeps the bad guys up at night? The answer is the U.S. Cyber Command.

Our offensive Cyber capability is increasingly engaged in neutralizing our adversaries.

See publication

Tags: Business Strategy, Cybersecurity, National Security

Steganography: the ability to hide secret messages
National Cryptologic Museum
January 19, 2023
An excellent video from the National Cryptologic Museum. We talk about things like #cybersecurity #criticalinfrastructureprotection #nationalsecurity and the like, but we forget the truly scary #threats are from the #APTs and their tradecraft.

#Steganography is the craft of hiding messages like invisible ink. It is gaining renewed interest, most recently from #AI.

https://lnkd.in/e_Q9vsDv

The National Cryptologic Museum sponsors many wonderful programs. You can email them here to find more. cchevents@nsa.gov

See publication

Tags: Cybersecurity, National Security, Risk Management

Featured Article: The Board's Role in Advancing Digital Trust
Information Systems Audit and Control AssociationInformation Systems Audit and Control Association (ISACA)
November 23, 2022

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Digital Trust Takes a Village
Information Systems Audit and Control AssociationInformation Systems Audit and Control Association (ISACA)
August 17, 2022
The World Economic Forum (WEF) estimates about 60% of the Global Economy comes from digital and that is only going to grow. Fostering Digital Trust is necessary as it becomes increasingly demanded by shareholders, customers, business partners, and regulators. Historically, digital has been the domain of I.T. That is no longer the case especially when it comes to building trust. Trust begins with the tone from the top and requires a concerted effort from the entire organization.

See publication

Tags: Business Strategy, Digital Transformation, Risk Management

DNA Is Also Data - The bad guys want it. How do we protect it?
Linkedin
July 18, 2022
The cyber industry has a long history of dealing with data and information in both paper and in digital formats. The information in our DNA is different. DNA is who we are. When compromised, it is not something we can change like a lost password or username or even a Social Security Number (SSN). We cannot even conceive of its value. There is no practical way of quantifying the financial impact of its loss.

See publication

Tags: Cybersecurity, Digital Transformation, Risk Management

USA: Are employers liable for breaches resulting from employee actions and what should they do about it?
https://www.dataguidance.com/
June 29, 2022
Now that 'cybersecurity' is a board-level conversation, the question of whether employers are liable for breaches resulting from employee actions is frequently discussed. While the answer is straightforward, what to do about it is much more nuanced. Alex Sharpe, Principal at Sharpe Management Consulting LLC, discusses a framework and the key questions to ask to protect, detect, and recover, resulting in five steps that may make a real difference.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

USA: Executive Order on Improving the Nation's Cybersecurity: What's different this time?
DataGuidance
May 18, 2021
"The art of [cyber] war is of vital importance to the State. It is a matter of life and death, a road either to safety or to ruin. Hence it is a subject of inquiry which can on no account be neglected."
- Sun Tzu.

On Wednesday, 12 May 2021, the Biden Administration issued an Executive Order on Improving the Nation's Cybersecurity. The fact sheet lists '...SolarWinds, Microsoft Exchange, and the Colonial Pipeline...' as recent motivations. Alex Sharpe, Principal at Sharpe Consulting LLC, takes a look at the historical context behind the Executive Order and analyzes what's different, and how to implement.

See publication

Tags: Cloud, Cybersecurity, Risk Management

USA: Is CMMC enough to protect my business? Three things to consider today
DataGuidance
January 06, 2021
In the first two articles in the series Alex Sharpe, Principal at Sharpe Management Consulting LLC discussed low-cost things you can do today and what is not readily apparent until you start moving through your assessment. In this article, Alex addresses what the Cybersecurity Maturity Model Certification ('CMMC') does not cover that you will want to consider for your business.

See publication

Tags: Cybersecurity, Digital Transformation, Risk Management

USA: CMMC - what lies beneath
Data Protection Leader
November 02, 2020
In the first article in the series, USA: CMMC as competitive advantage and five things you can do today, Alex Sharpe, Principal at Sharpe Management Consulting LLC discussed why one shouldn't wait and the low-cost things you can do today to make your lives easier. In this article, Alex discusses what is not readily apparent until you start moving through your assessment. Think of it as an iceberg without the luxury liner. In the next article of the series, Alex will address what the Cybersecurity Maturity Model Certification ('CMMC') does not cover that may be critical to keeping your business, your customers and your partners secure. As always, your mileage may vary.

See publication

Tags: Cybersecurity, Digital Transformation, Risk Management

"Iran and Russia Interfering with our election – What You Can Do to Protect Your Vote.”
Talon Cyber Tec
October 23, 2020
US Intelligence Officials warned, state actors from Iran and Russia are using email to “intimidate voters, incite social unrest, and damage [the election]”. Apparently, they have obtained voter registration data and are sending threatening emails.

What can we as individuals and business units do to not be a victim?

See publication

Tags: Cybersecurity, Digital Transformation, Risk Management

"Is Social Media Critical Infrastructure?"​
LinkedIN
October 22, 2020
Social Media is getting lots of attention especially with the upcoming election. Given the way it has woven its way into the way we work and live is it time to declare it Critical Infrastructure?

See publication

Tags: Business Continuity, Cybersecurity, Digital Transformation

USA: CMMC as competitive advantage and five things you can do today
OneTrust Data Guidance Insights
September 02, 2020
In this insight, Alex Sharpe, Principal at Sharpe Management Consulting LLC, who consults on cybersecurity, privacy, digital transformation, disruption, and other areas, draws on his experiences and provides a look into the Cybersecurity Maturity Model Certification, its advantages for organizations, and the key steps businesses can be taking to prepare. | Read more http://ow.ly/6jMQ50BfzRH

See publication

Tags: Cybersecurity, Digital Transformation, Risk Management

Digital Transformation – Adoption Requires a Catalyst - COVID the Ultimate Digital Disruptor
LinkedIN
August 20, 2020
COVID may prove to be the ultimate digital disruptor. In weeks we experienced between 5 and 10 years of digital adoption. It also accelerated Creative Destruction by the same amount and made the Cloud, Video and Collaboration the new mission critical applications.

See publication

Tags: Business Strategy, Digital Disruption, Digital Transformation

Disruption - What a Great Time to Pivot
LinkedIN
April 22, 2020
The CORONA Virus is rocking our worlds – no doubt. It is a scary time with lots of uncertainty. History tells us times like this cause a disruption which also means opportunity. Digital Adoption and Creative Destruction are both accelerated. Sir Isaac Newton created many of his foundational works while self-isolating from the plague. Many notable and highly successful companies have been started in the midst of
disruption. Apple, 3M, Microsoft, Burger King, Disney, and CNN just to name a few. Warren Buffet started what would become Berkshire Hathaway just before a market down turn. These scary times present opportunities for those willing to ask the right questions.

See publication

Tags: Business Strategy, Digital Disruption, Digital Transformation

When Blue Skies Meet Thin Air
LinkedIN
February 18, 2020
It’s a common scenario: The strategy gurus create a brilliant strategy – bold, forward-looking, expertly presented – but it completely fails when implemented. Why? Was it all thin air? Why do brilliant strategies fail? A successful implementation means that 1) Your organization is completely aligned with the new products, services or the new way of doing business, 2) Suppliers, re-sellers, analysts, distributors, analysts and customers think of you in terms of the new strategy, and 3) The business earns more money. This article talks about what happens when execution is not addressed in the planning phases.

See publication

Tags: Business Strategy, Digital Transformation, Leadership

1 Board Membership
Member, Public Policy & Regulation Committee
Global Digital Currency & Cryptocurrency Association
January 15, 2021

See publication

Tags: Blockchain, Cryptocurrency, Cybersecurity

1 Book Chapter
Building the Corporate Intranet
Wiley
November 26, 1996
Building a corporate intranet requires integrating two very different technologies; web development tools and enterprise-wide legacy systems. Few people possess enough experience in both areas to successfully make these technologies work together. The authors, leading consultants at BSG, explain the tools and techniques necessary for building an Intranet system. This book show how to plan, design and build a corporate intranet system, including how to modify the business model, automate the business processes and the content.

See publication

Tags: Business Strategy, Cybersecurity, Digital Transformation

11 Coursewares
NYU Cyber Fellows Governance Module 2
New York Unviersity (NYU)
June 30, 2024
This week, we will begin by reviewing Risk Management concepts and the objective of risk mitigation. We will define Governance and outline the elements thereof. We will see how RM aligns with business objectives. Finally, we will cover standards, frameworks and regulations which govern the field.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

NYU Cyber Fellows Resilience Review Module 8
New York Unviersity (NYU)
May 06, 2024
This is the final week of class. There are no readings, but your final reflection is due in the discussion section. Our final lecture session will be a review and discussion. So make sure to bring any questions about the course content (or send them ahead of time).

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

NYU Cyber Fellows Monitoring and Testing Module 7
New York Unviersity (NYU)
April 29, 2024
This week we will continue to hear from out partners at DTCC on the topic of cyber resiliency monitoring and testing. We will learn the importance of both functional and non-functional requirements, and explore resiliency testing methods such as assessments, failure mode analysis, service verification, and chaos experimentation. The challenges associated with testing cyber resiliency will also be addressed.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

NYU Cyber Fellows Security by Design & Default Module 6
New York Unviersity (NYU)
April 22, 2024
This week will feature a guest lecture from our partners at Depository Trust & Clearing Corporation (DTCC). We will delve into the necessity of designing for resilience within the financial industry, emphasizing the interconnectedness of various sectors and the importance of both business and technology resilience. Use cases and scenarios illustrate the types of failures, both physical and logical, that can occur, along with real-world examples. The delivery framework is outlined, detailing the DTCC technology model and its collaboration with AWS to implement a multi-region infrastructure tailored for financial services.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

NYU Cyber Fellows Security by Design & Default Module 5
New York Unviersity (NYU)
April 15, 2024
This week, we will learn about the concept of Security by Design & Default and what this concept means for businesses and customers. We will discuss the motivation leading to development of Security by Design & Default and explore the strategy and guidance supporting its implementation. Finally, we will do a deep dive into the principals supporting, and tactics for applying, Security by Design & Default.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

NYU Cyber Fellows Zero Trust Module 4
New York Unviersity (NYU)
April 08, 2024
This week, we will explore the Zero Trust Model. We will define Zero Trust and see how it differs from traditional models and how it better aligns with contemporary business models and IT operations. Will will discuss the role of Zero Trust in cyber resiliency and discuss the most current Zero Trust model, standards and initiatives.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

NYU Cyber Fellows Threat Landscape Module 3
New York Unviersity (NYU)
April 01, 2024
This week will provide an overview of the contemporary cyber threat landscape. We will delve into examples of threats facing organizations. We will look at the characteristics of threat actors and discuss the most common types of threat actors and their motivations. We will also cover the vulnerabilities that actors target.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Resilience Overview and Origins - Module 1
New York Unviersity (NYU)
March 30, 2024
In this first week, we will start by going over the class structure and requirements. We will broach the topic of Cyber Resiliency Management by defining resilience and highlighting its importance. We will explore a overview of the core elements and prerequisites for resilience, while also placing it within a historical context.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Special Topics in Computer Science, Cyber Resiliency Management
New York Unviersity
January 15, 2024
Resiliency management will introduce students to the concepts and applications of operational, business, and technology resiliency at the end of the course students will understand the history of resiliency, how to apply resiliency principles to their business and operations departments and enable resiliency architecture and testing into their technology development lifecycle. The Intention of the course is for the student to be empowered with a resiliency mindset and the frameworks to enable resiliency into all parts of any organization.

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Zero Trust Architecture (ZTA) and Software Designed Perimiter (SDP)
Cloud Security Alliance (CSA)
April 15, 2022

See publication

Tags: Business Strategy, Cloud, Risk Management

Courseware Reviewer for Certified Data Privacy Solutions Engineer (CDPSE) review manuel
ISACA
March 31, 2022

See publication

Tags: Business Strategy, Privacy, Risk Management

1 Faculty Member
IANS Faculty
IANS Research
September 01, 2023
The IANS Faculty are at the core of our Decision Support service. This group of over 100 hands-on practitioners understands the key issues you face and delivers actionable recommendations, research, and step-by-step guidance. Our collection of independent experts spans nearly every field. For each security problem you need to address, IANS can connect you with someone "in the trenches."

See publication

Tags: Cloud, Cybersecurity, National Security

4 Industry Awards
Most Trusted Risk Management Solution Company
Enterprise World
February 15, 2022

See publication

Tags: Risk Management

Annual listing of 10 companies that are at the forefront of providing Cyber Security Service and transforming businesses
CIO Review Magazine
December 06, 2021

See publication

Tags: Cybersecurity

Top Risk Management Consulting Company
Enterprise Security Magazine
August 15, 2021

See publication

Tags: Risk Management

CIO Magazine Web Businenss 50/50 Award
CIO Magazine
July 01, 1999
Each year CIO magazine recognizes 50 Internet and 50 intranet/extranet sites that go beyond customary Web commerce practices to deliver outstanding business value. The Hackett Group's intranet-based knowledge management system called Mind~Share was awarded for its sophisticated knowledge engine and expansive knowledge base which seamlessly integrates structured and unstructured information to provide vital support to everyone in the company.

See publication

Tags: Digital Transformation

2 Industry Badges
CSA Research Lead Author 2024
Cloud Security Alliane
November 15, 2024
Lead author and thought leader in the areas of:
- Zero Trust
- Governance of AI
- Cloud Security
- Key Management

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Zero Trust Training (ZTT) Contributor
Cloud Security Alliance (CSA)
December 20, 2022
Earners of the Zero Trust Training (ZTT) Contributor badge have contributed to the content creation of the Cloud Security Alliance's ZTT courseware. They have demonstrated expertise in Zero Trust principles and pillars and collaborated with CSA to provide a comprehensive education course. With their contribution, they prioritized student understanding, accessibility, and vendor neutrality to ensure student success.

See publication

Tags: Cloud, Cybersecurity, Risk Management

8 Industry Certifications
CMMC Certified Assessor (CCA)
Cyber Activities Board (Cyber AB)
July 14, 2023
CCA's assess an organizations' adequacy and sufficiency of meeting the standard set forth by the Cybersecurity Maturity Model Certification (CMMC).

The CMMC program was established by the Department of Defense (DoD) to raise the cyber hygiene of the Defense Industrial Base (DIB). Theft of intellectual property (IP) and disruptions by Advanced Persistent Threats (APTs) weaken our National Defense, compromises the war fighters, and costs the U.S. economy north of $60B per year.

Issued Jul, 2023 – Expired Jul, 2023

Credential ID 224

See credential

See publication

Tags: Business Strategy, Cybersecurity, National Security

CMMC Certified Professional (CCP)
Cyber AB
June 18, 2023

Credential ID 224

See credential

See publication

Tags: Business Strategy, Cybersecurity, National Security

Certification in Risk and Information Systems Controls
ISACA
August 19, 2021

Credential ID 2131568

See credential

See publication

Tags: Business Strategy, Cybersecurity, Risk Management

Certified Data Privacy Solutions Engineer (CDPSE)
ISACA
April 15, 2021

Credential ID 2117254

See credential

See publication

Tags: Cloud, Cybersecurity, Privacy

Cybersecurity Maturity Model Certification (CMMC) Registered Professional (RP)
CMMC AB
January 15, 2021

See credential

See publication

Tags: Cybersecurity, Digital Transformation, Risk Management

Building a Cloud Adoption Business Case
Amazon Web Services (AWS)
November 15, 2017

See publication

Tags: Business Strategy, Cloud, Cybersecurity

NSA Certified Cryptologic Engineer
National Security Agency (NSA)
February 15, 1992

See publication

Tags: Blockchain, Cybersecurity, Risk Management

Information Security (INFOSEC) Analyst
National Security Agency (NSA)
January 15, 1990

See publication

Tags: Business Continuity, Cybersecurity, Risk Management

3 Industry Council Chairs
Cloud Security Alliance (CSA) Zero Trust Leadership
Cloud Security Alliance (CSA)
November 15, 2022
Working Group Overview

This working group aims to develop Zero Trust standards to achieve consistency for cloud, hybrid and mobile endpoint environments. The topic of group discourse includes Zero Trust benefits, architecture, automation, and maturity models, publication reviews, and relevant industry forums and events.

What do we discuss?

During our meetings, we typically discuss changes in the industry and collaborate on projects the group is currently working on. This group will have the following nine workstreams:

* Zero Trust as a Philosophy & Guiding Principles
* Zero Trust Organizational Strategy & Governance
* Pillar: Identity
* Pillar: Device
* Pillar: Network/Environment
* Pillar: Applications & Workload
* Pillar: Data
* Automation, Orchestration, Visibility & Analytics
* Zero Trust Architecture, Implementation, and Maturity Model

See publication

Tags: Business Strategy, Cloud, Cybersecurity