Rhonda Rummerfield
rhondarummerfield.bsky.social
Overthinker navigating the world of securing things—whether it’s data, networks, or my own social awkwardness.
My preferred drink is Old Forester 1910 neat, never been a Gin fan but don’t sleep on Suntory’s Roku Gin.
November 26, 2024 at 5:16 PM
🛡️ Day 8 of My CISSP Journey: Personnel security is essential!

✅ Key Tips:
Employees are security assets, not liabilities.
Enforce least privilege & conduct regular access reviews.
Use UBA/UEBA to spot anomalies.
Mandatory vacations = compliance checks + fraud detection.
November 25, 2024 at 10:39 PM
🚀 Day 7 of My CISSP Journey: Effective Security Management

Aligning security with business goals ensures better risk, resource use, and resilience.

🔑 Key Insights:
CISO autonomy strengthens oversight.
Regular risk assessments prevent vulnerabilities.
Dynamic plans adapt to evolving threats.
November 24, 2024 at 10:39 PM
🚀 Day 6 of My CISSP Journey: Third-Party Governance

🛡️ Minimize risks with compliance, audits & alignment.
🌍 Address threats: outdated policies, weak audits & misaligned M&As.
🧭 Align security with strategy for resilience & adaptability.
🛠️ Empower teams, update policies & audit regularly.
November 23, 2024 at 5:36 PM
Day 5 of my CISSP journey: exploring security governance—the link between security & business. 🌐

Key takeaways:

Security isn’t just IT’s job; it’s business-wide.

Audit, adapt, & align with growth.

Vendor-neutral standards (ISO 27001, NIST SP 800-53) offer guidance.

Governance = resilience. 🚀
November 22, 2024 at 10:42 PM
🚀 Day 4 of My CISSP Journey: Security Boundaries

🔑 Security boundaries separate zones (e.g., LAN vs. Internet).

Logical: firewalls, access control.
Physical: walls, fences.

🎯 Tip: Balance security costs with asset value.

Boundaries aren't just defense—they're strategy. #CISSP
November 21, 2024 at 11:26 PM
Day 3 CISSP insights: Why the DAD Triad matters (Disclosure, Alteration, Destruction). The antidote? AAA Services: Identification, Authentication, Authorization. Add Auditing & Accounting to keep breaches at bay. Defense in Depth isn’t a buzzword—it’s a survival kit. #CISSPJourney
November 20, 2024 at 3:23 PM