John G. Laskey

John Laskey is a US-based security consultant who previously worked in the British government, where he was responsible for securing systems and advising senior managers about major programs. In the US, John has taught the ISO 27001 standard and is now helping develop and market new InfoSec products and services. He is a member of ISSA (New England Chapter).

A Post-Compliant World? Part 3
By John G. Laskey on December 26, 2018
A Post-Compliant World? – Part 2
By John G. Laskey on December 20, 2018
A Post-Compliant World? – Part 1
By John G. Laskey on December 19, 2018
Security Awareness: Using Analogy, Allusion and Sayings
By John G. Laskey on February 13, 2017
When Convenience Trumps Security
By John G. Laskey on January 3, 2017
What’s So Different with Audit?
By John G. Laskey on November 4, 2016
InfoSec Facts From InfoSec fiction: How Popular Entertainment Can Help Security Awareness
By John G. Laskey on October 10, 2016
Entry Level Risk Management: Creating a First Security Risks Register
By John G. Laskey on July 15, 2016
Lessons from Writing Multiple-Choice Test InfoSec Questions
By John G. Laskey on April 15, 2016
Practical and Effective Security Incident Management
By John G. Laskey on March 15, 2016
Security in Projects: The Importance of Effective Social and Soft Skills
By John G. Laskey on February 16, 2016
Why ITIL, COBIT and Other Non-Infosec Based Frameworks Are Infosec’s Best Friends
By John G. Laskey on January 26, 2016
When Your CEO Won’t Take Security Awareness Training
By John G. Laskey on November 25, 2015
Improving the Human Firewall
By John G. Laskey on November 16, 2015
Security Awareness – Judge the Impact to Justify the Effort
By John G. Laskey on November 10, 2015
IT Security Awareness Programs
By John G. Laskey on November 3, 2015
Designing the Perfect Security Awareness Newsletter
By John G. Laskey on August 3, 2015
A Security Awareness and Training Policy Checklist
By John G. Laskey on July 29, 2015
SMBs should start with simple solutions to manage security risks
By John G. Laskey on April 14, 2015
Encryption – Anything to Declare?
By John G. Laskey on July 3, 2013

1
2
Next
Page 1 of 2

A Post-Compliant World? Part 3

A Post-Compliant World? – Part 2

A Post-Compliant World? – Part 1

Security Awareness: Using Analogy, Allusion and Sayings

When Convenience Trumps Security

What’s So Different with Audit?

InfoSec Facts From InfoSec fiction: How Popular Entertainment Can Help Security Awareness

Entry Level Risk Management: Creating a First Security Risks Register

Lessons from Writing Multiple-Choice Test InfoSec Questions

Practical and Effective Security Incident Management

Security in Projects: The Importance of Effective Social and Soft Skills

Why ITIL, COBIT and Other Non-Infosec Based Frameworks Are Infosec’s Best Friends

When Your CEO Won’t Take Security Awareness Training

Improving the Human Firewall

Security Awareness – Judge the Impact to Justify the Effort

IT Security Awareness Programs

Designing the Perfect Security Awareness Newsletter

A Security Awareness and Training Policy Checklist

SMBs should start with simple solutions to manage security risks

Encryption – Anything to Declare?