Privacy & Security program development and testing
About MyDataOnly, Inc.
FOUNDER and ceo, Thomas M. Scurrah
- For over 20 years, Tom has practiced as a cyber security professional in the following capacities: (1) an executive director of information security for Verizon Corporation; (2) a consultant in two cyber security consulting firms, which he co-founded and managed; and (3) a facilitator of teams of CISOs and security professionals from over 200 Fortune 2000 companies.
- As Chief Content Officer and Lead Facilitator of the Gartner CISO Coalition for over four years, Tom significantly contributed to the development of its key products and supported the growth of new clients. Tom facilitated teams of security professionals from multiple companies, in the following subject areas: Security Metrics, Cloud Computing, IoT, ICS-SCADA, GDPR, International Privacy Law, China Data Protection Law, Information Governance, Insider Threat, Role of the CISO, Mergers-Acquisition Security, Orchestration, Office 365, Malware/Ransomware, Incident Management, Threat Intelligence, Endpoint/Mobile, Cross-Border Data Transfer, Defensible Disposition, Identity and Access Management, Risk Assessment Methodologies, Point of Sale Systems, Law Enforcement, Security Operations Center (SOC), Third Party Security, Applications Security, Unstructured Data, Vulnerability Management, and White-Hat Hacking.
- Tom is a Marine Corps veteran, a graduate of MIT's Sloan School, and holder of the following certifications: CISSP, CISM, CIPP/US, and PCIP.
PRINCIPAL Staff
MH Milton, Chief Penetration Tester
Over 10 years of experience in network engineering and penetration testing
CISSP, GPEN, GCFA, GSNA, CPTS
Joe Wholley, Program Support Specialist
Over 30 years of experience in network design, support and engineering at Verizon Corporation
ISO 27001 program support expert
TC Hobbins, Application Testing Specialist
Over 10 years of experience in software engineering and penetration testing
Proficient in multiple software languages
PARTNERSHIPS
Asgard Managed Services
Business Continuity and Disaster Recovery Services
CyberEnsure LLC
PCI-DSS Support Services
Qualified Security Assessor for the Payment Card Industry
services
board and executive advisory
Understanding Your Security Program
- Security 101: Fundamentals for Executives
- Privacy & Security: Historical and futuristic perspectives
- Your company’s privacy and security profile
- Your fiduciary and transformational roles
Developing Program Insights for Effective Decision Making
- Questions to ask your security team
- Interpreting the answers to those questions
- Current industry breach and security developments
- Techniques for effective program guidance
Measuring Program Effectiveness and Improvement
- Setting the Boardroom security agenda
- The top 10 security metrics you must continuously monitor
- Measuring your Program against the industry
- Baselining your Program for continuous improvement
Engaging a Virtual CISO / Cyber Security Professional
- Advisory member of the Board
- Security Program leadership
- Fully outsourced security services
- Staff augmentation
privacy & security program FOUNDATIONAL SERVICES
- Policy and procedures development
- Risk and compliance assessments
- User and security staff education
- Security architecture and technology implementation
governance, RISK and compliance
- ISO 27001 ISMS development
- Establishment of and support to your Governance Committee
- Complying with privacy laws and regulations
- PCI-DSS assessment preparation
- Third Party security
- Security metrics
VULNERABILITIES AND CONTROLS TESTING
- Applications and infrastructure vulnerabilities scanning
- Security controls testing
- Internal and external penetration testing (Cloud and On-Prem environments)
- Remediation guidance and support
incident & business continuity management & support
- Creating an effective incident management plan
- Developing a business continuity capability
- Developing third party notification procedures
- Breach reporting assistance and support