Category: Information Security
-
A Security Framework Cheat Sheet

Working in Governance, Risk, and Compliance involves understanding security frameworks’ purpose and application. This cheat sheet organizes frameworks into four categories: risk governance, control catalogs, certifiable standards, and laws. Key frameworks include NIST, ISO, and PCI DSS. Learning the underlying controls makes each framework clearer. Ultimately, organizations should prioritize genuine security over mere compliance, as…
-
“What to Do When You’re Hacked: A Plain-English Incident Response Guide”

Maybe someone just called you indicating that they received an email from you that seemed odd. Or, maybe your bank is indicating that you made a transaction that you know you didn’t make and your account’s balance is a little lower as a result. Or maybe your PC is indicating that your files are encrypted…
-
Vendor Security Questionnaire
Contact Information
Company Name:
Respondent Name:
Phone:
Respondent Business Email Address:
Respondent Title:
Incident Response Contact Name:
Incident Response Contact Title:
Incident Response Contact Phone:
Incident Response Contact Email Address:
Basics & Email Security (Yes / No) …
-
Book Review: InfoSec Strategies and Best Practices
I just finished reading InfoSec Strategies and Best Practices by Joseph MacMillan last week. I have to say that if you want one book to read on the Information Security field, this is a pretty good choice. Not only did the book go over some of the basics of information security like the CIA Triad…
-
Cybersecurity Frameworks
I just did a post about my experience with the GRC Masterclass that Dr. Gerald Auger created. It was a great class and I highly recommend taking the class. With this post though, I wanted to highlight some of the major frameworks and give a general overview (and honestly a nice set of links to…

