Yes there is an ecommerce store at my Blog – Oversitesentry.com
The Blog has appropriate up to date cybersecurity issues of the day. My Shop has my books “Too Late You’re Hacked” the following image is my presskit release for my book “Too Late You’re Hacked”
or my Guide to the book above:
The Guide is also at the Shop – Oversitesentry.com for a limited time – $9 includes shipping.
The Guidebook has examples and more information to help you navigate creating a security policy and more.
Also at the Shop – Oversitesentry.com is a template for a security policy (only $10). How should you create a security policy…?
In my experience it is best to start with a basic policy then add items that are relevant to your industry (maybe there is no onsite server – only cloud systems), So onsite servers are less frequent for most business these days. But interesting to note, many policies assume you have a server room and various security systems.
In either case this is why I make the template cheap ($10) and include 2 Q&A sessions to let you know how we would start finalizing a security policy.
Then once I know your environment better and with the Q&A we will know what the project will look like. At that point I can accurately predict the cost. (Instead of saying it will be from X hours to Y hours of work). Because the reality with your environment maybe it is 3 hours or maybe it is 20 hours?
Being an ethical cybersecurity auditor makes for interesting issues (companies and situations have been sanitized for example story)
“Imagine you’re a cybersecurity auditor hired by a mid-sized company to evaluate their network security. During your audit, you discover two issues: First, there’s a minor misconfiguration in the firewall that’s easy to fix and lower-risk. Second, there is a gaping vulnerability—let’s say an outdated server — that could let hackers waltz in and steal customer data. The catch?
The IT department insisted the fixed everything last month, and your contract renewal with this client hinges on keeping them happy.
Here’s the dilemma: If you tell the IT department about both issues, you’re being fully transparent. The minor one’s no big deal—they’ll fix it and move on. But the server flaw? That could be a bombshell. It may prove malfeasance or other issues. Someone dropped the ball, and thus might get defensive, blame you for “overstepping,” or even push to end your contract to save face. Minimally there will be a loss of trust somewhere.
It is at this particular time where it is most important to make this a teaching experience and make this an etrhics exercise with all of the employees and stakeholders. Even if there is some strife or negative blowback the idea is to keep the company secure so all items must be disclosed and revealed.
Page written 4/3/25 – contact us to discuss