Identified Expertise

  1. Security & GRC29
  2. Engineering8
  3. Threat & Vulnerability Management8
  4. Process Management7
  5. Applications & Platforms7

Content Naseem is Following

Do you trust the data & reports from the big analysts?

Strategy & Architecture

Yes

No

Sometimes

View Results
111.8k viewscircle iconLightbulb on123 Upvotescircle icon58 Comments

Are you happy in your current role?

People & LeadershipTalent Management & Performance

Yes

No

Unsure

View Results
32.4k viewscircle iconLightbulb on18 Upvotescircle icon17 Comments

The recent MGM breach was made possible by a bad actor social engineering the help desk into providing them access. Does your organization take steps to authenticate callers to your help desk before the help desk performs any actions that may allow access (changing passwords, resetting/disabling/reconfiguring MFA etc.)  If yes, how have these methods worked out? Were they effective and did you get any pushback from users?

Naseem Halder
Naseem HalderHead of Information Security in Healthcare and Biotech2 years ago

on a separate note, as an idea, have rules that will alert if people want to disable MFA. 

Read More Comments
2.5k viewscircle icon3 Comments

Are there best practices or staffing models available to assist with setting up a team specific to the management, tracking, compliance and reporting of identified risks and issues.  Ie What's the right ratio of people to identified issues to properly manage those items to completion?

Security & GRC
Naseem Halder
Naseem HalderHead of Information Security in Healthcare and Biotecha year ago
ratio of people to identified issues, depending on the size and complexity of the business, nature industry, and the level of risk appetite. Organizations should try to achieve a balance between resource requirements to attend ...read more
Read More Comments
1.1k viewscircle icon2 Comments