Kerry Ann Anderson Author of Evaluating Organization Development
FEATURED AUTHOR

Kerry Ann Anderson


Kerry Anderson has 16 years of experience in security & compliance. She has been awarded an MBA, MSCIS, and MSIA. She recently completed a Certificate in Advanced Computer Security from Stanford University. She holds the following professional certifications: CISA, CISM, CRISC, CGEIT, CISSP, ISSMP, ISSAP, CSSLP, CFE, and CCSK. She is an adjunct professor of cybersecurity, author of numerous articles, and frequent conference speaker.

Education

    Norwich University (MSIA), Anna Maria College (MBA), Bentley University (MSCIS)

Areas of Research / Professional Expertise

    Internal IT Audit/Risk Oversight, Business Continuity/Disaster Recovery, State Privacy Laws, 3rd Party Security Risk Assessment, Compliance Management, Application Development, IT Risk Assessment, Software Testing, Policy and Standards Development, Records Management, PCI-DSS, GLBA, Vulnerability Management, Policy Development & Governance, Sarbanes-Oxley, and Web-Based Architecture Development

Books

Featured Title
The Frugal CISO: Using Innovation & Smart Approaches - 1st Edition

Articles

ISSA Journal April 2014

The Vulnerability Management Starter Kit - Part 2


Published: Apr 01, 2014 by ISSA Journal April 2014
Authors: Kerry Ann Anderson
Subjects: Information Technology

Offers smart practices to develop and mature an existing vulnerability management program.

InfoSecurity Professional (Publication of ISC2)

A ‘HOUSE’ FULL OF INSPIRATION


Published: Feb 01, 2014 by InfoSecurity Professional (Publication of ISC2)
Authors:
Subjects: Information Technology

Using a fictional medical diagnostician as a muse can help solve difficult cyber security mysteries

ISSA Journal February 2014

The Vulnerability Management Starter Kit - Part 1


Published: Feb 01, 2014 by ISSA Journal February 2014
Authors: Kerry Ann Anderson
Subjects: Information Technology

Vulnerability management is a cornerstone of any effective information security program. In this article the author concentrates on building a solid foundation for a VM program.

ISSA Journal

The Importance of Considering Generational Differences in Security Awareness Pro


Published: Jan 01, 2014 by ISSA Journal
Authors: Kerry Ann Anderson

Research has shown diverse differences in online behaviors, attitudes toward policy compliance and privacy, and security technology knowledge across the potential five generational groups in today’s workforce. It is important that information security programs consider generational differences and incorporate strategies into programs to effectively reach each generational group.

ISSA Journal

Ways to Survive an Audit: Tips to Making Audits Easier for You and the Auditor


Published: Nov 01, 2013 by ISSA Journal
Authors: Kerry Ann Anderson
Subjects: Information Technology

Let’s face it, few of us look forward to an audit. Audits can be stressful for all those involved, both auditors and auditees. However, going into an audit with a great attitude and survival tips can make the engagement easier and more productive.

ISSA Journal

Overcoming Barriers Between InfoSec and IT Audit Practitioners


Published: Sep 01, 2013 by ISSA Journal
Authors: Kerry Ann Anderson
Subjects: Information Technology

The relationship between Audit and Information Security practitioners has often been tenuous and beleaguered by misunderstandings of each other’s roles and obsolete stereotypes. This article discusses potential ways to break away from these old misconceptions and establish a common ground for facilitating strong working relationships.

ISACA Journal Volume 4 2013

Navigating the Path From Information Security Practitioner to Professional


Published: Jul 01, 2013 by ISACA Journal Volume 4 2013
Authors: Kerry Ann Anderson
Subjects: Information Technology

An information security practitioner must acquire core competencies to develop a holistic perspective to effectively manage security within today’s global and highly interconnected world.

ISSA Journal

Building a Better IA Degree and Promoting Cyber Security Education


Published: May 01, 2013 by ISSA Journal
Authors: Kerry Ann Anderson
Subjects: Information Technology

For thirteen years, colleges and universities have offered degree programs and concentrations with a focus on cyber security. Much of the initial impetus in the development of these programs can be attributed to the creation of the National Centers of Academic Excellence (CAE) by the National Security Agency (NSA) to encourage universities and students to enter the information security profession.

ISSA Journal

Information Security Professional 2.0: Building the Next Generation Cyber Securi


Published: Apr 01, 2013 by ISSA Journal
Authors: Kerry Ann Anderson
Subjects: Information Technology

This article explores a prototype for the next generation of Information Security professionals (NextGens). It discusses the attributes NextGens will need to manage the exponential changes in the technology, social, and business landscapes over the next decades.

ISSA Journal January 2013

Can We Make Information Security Awareness Training Stickier?


Published: Jan 01, 2013 by ISSA Journal January 2013
Authors: Kerry Ann Anderson
Subjects: Information Technology

Most information security practitioners, on occasion, have had some frustrations regarding the relative effectiveness of security awareness education, leading some to consider whether it is worth the cost because incidents created by end users continue to occur. This article discusses some techniques to increase the “stickiness” of security awareness training efforts and increase the return on investment.

Photos

Videos

InfoSec Video

Published: Aug 01, 2014