I have been really busy since my last post. In May, I started a new contract as Information Security Officer working as Lead ISO 27001 Implementor. After getting the company to be ISO 27001 compliant successfully in seven months, I started a new contract in parallel, then a few months later now into another industry entirely.
Most of what I have been doing, especially since early 2022m has been around these concepts:
- Information Security Management and Governance
- Risk Management
- Information Security Compliance and Data Protection
- Security Assessments and Testing
- Anything ISO 27001 related (Security Awareness, Testing, Change Management, the whole Annexes) from May 2021
Getting (back) into also software.