I have been really busy since my last post. In May, I started a new contract as Information Security Officer working as Lead ISO 27001 Implementor. After getting the company to be ISO 27001 compliant successfully in seven months, I started a new contract in parallel, then a few months later now into another industry entirely.

Most of what I have been doing, especially since early 2022m has been around these concepts:

  • Information Security Management and Governance
  • Risk Management
  • Information Security Compliance and Data Protection
  • Security Assessments and Testing
  • Anything ISO 27001 related (Security Awareness, Testing, Change Management, the whole Annexes) from May 2021

Getting (back) into also software.