9 Posts

Brian Evans

Senior Managing Consultant, IBM

Brian Evans, CISSP, CISM, CISA, CGEIT is a Senior Managing Consultant for IBM Security Services and assists clients in building regulatory compliant information security programs. With over 20 years of combined experience in IT management, consulting and information security, Brian has served in the role of Chief Information Security Officer for a variety of organizations and worked in various industries. He has led the Incident Response and Computer Forensic Investigations teams for Nationwide Insurance and was Vice President, IT Risk Management at KeyBank and JPMorgan Chase. Brian held director level positions with CynergisTek and Computer Task Group consultancy firms and started his career in the U.S. Air Force. He has earned a Master’s in Public Administration from the University of Cincinnati and a B.S. in Business Management from the University of Maryland.

Written By Brian Evans

Assessing Risks and Remediating Threats With a Layered Approach to Vulnerability Management

For many companies, vulnerability management still amounts to an ongoing game of whack-a-mole to identify and remediate threats.

Make Attorney-Client Privilege Part of Your Incident Response Strategy

Attorney-client privilege can be a key asset to an organization's incident response strategy in the event of a security breach.

The Importance of Building an Information Security Strategic Plan: Part 2

The CISO should be the central figure responsible for defining an organization's information security strategic plan and aligning it with business goals.

Business Continuity Management: Crisis Leadership

Effective business continuity management depends on a strong leader who must implement recovery processes, guide employees and proactively build plans.

A Business Case for Data Loss Prevention

Making the business case for data loss prevention solutions can help get executives on board with the investment, but it's not an easy task.

The Importance of Building an Information Security Strategic Plan

When developing an information security strategic plan, your business must implement initiatives and measures that reflect its long-term goals.

Key Components of a High-Performing Information Risk Management Program

Establishing a high-performing information risk management program requires efforts focused on risk identification, data protection and user behavior.

Is Your Computer Forensic Laboratory Designed Appropriately?

A computer forensic laboratory is indispensable in supporting the investigative process, but to function efficiently, it must be designed properly.

How Are You Managing Your Health Care Fraud?

Health care fraud is an ever-increasing problem, and organizations must audit and train their employees to make sure their systems can stay secure.