Many organizations that must comply with the Payment Card Industry Data Security Standard (PCI DSS) are asking what the differences are between QSAs and ISAs and which direction they should take with their program. We address this question in the latest ThreatView whitepaper.
You can download the latest ThreatView here: ThreatView – August 2012 QSA vs. ISA
Carl specializes in designing and implementing cybersecurity programs that incorporate risk reduction strategies aligned to industry standards while minimizing business operational disruptions.
Carl has acted as the interim CISO for multiple healthcare organizations, where his responsibilities include developing cybersecurity strategies that incorporate Key Performance Indicators (KPI), overseeing and executing the implementation of cybersecurity tooling, and managing the day-to-day operations and personnel of the team.
Carl is a subject matter expert in the Payment Card Industry Data Security Standard (PCI DSS). Carl has performed multiple cybersecurity risk assessments against industry-leading frameworks including NIST CSF, ISO 27001, PCI DSS, and FFIEC.
Carl regularly presents to executive management to communicate cybersecurity risks and strategy. He oversees a consulting division of ~40 personnel and acts as Chief Compliance Officer for Security Risk Advisors.