October 6th:
Raquel’s 50th birthday!
and Oktoberfest:
October 6/7th:
Then more Raquel’s birthday
I was on AZ Central
View this post on Instagram
Dinner with my Marine brother Efren! Always a ton of laughs and good times!
October 17th. Quick Trip to San Francisco
October 21st. 105th Build Party and Oktoberfest Part II
View this post on Instagram
October 25th: #PhoenixES3
October 26th: Friday Halloween Party
October 27th: Spookulele Concert and Dark Ones Party
National Cyber Security Awareness Month (NCSAM) – observed every October – was created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online.
Every day, parents and caregivers teach kids basic safety practices ‒ like looking both ways before crossing the street and holding an adult’s hand in a crowded place. Easy-to-learn life lessons for online safety and privacy begin with parents leading the way. Learning good cybersecurity practices can also help set a strong foundation for a career in the industry. With family members using the internet to engage in social media, adjust the home thermostat or shop for the latest connected toy, it is vital to make certain that the entire household ‒ including children – learn to use the internet safely and responsibly and that networks and mobile devices are secure. Week 1 will underscore basic cybersecurity essentials the entire family can deploy to protect their homes against cyber threats.
Week 2: Oct. 8–12: Millions of Rewarding Jobs: Educating for a Career in Cybersecurity
A key risk to our economy and security continues to be the shortage of cybersecurity professionals to safeguard our ever-expanding cyber ecosystem. Raising the next generation of interested and capable cybersecurity professionals is a starting point to building stronger defenses. There are limitless opportunities to educate students of all ages – from high school into higher education and beyond – on the field of cybersecurity as they consider their options. In addition, veterans and individuals who are looking for a new career or re-entering the workforce, should explore the multitude of well-paying and rewarding jobs available. Week 2 will address ways to motivate parents, teachers and counselors to learn more about the field and how to best inspire students and others to seek highly fulfilling cybersecurity careers.
Week 3: Oct. 15–19: It’s Everyone’s Job to Ensure Online Safety at Work
When you are on the job – whether it’s at a corporate office, local restaurant, healthcare provider, academic institution or government agency ‒ your organization’s online safety and security are a responsibility we all share. And, as the lines between our work and daily lives become increasingly blurred, it is more important than ever to be certain that smart cybersecurity carries over between the two. Week 3 will focus on cybersecurity workforce education, training and awareness while emphasizing risk management, resistance and resilience. NCSA’s CyberSecure My Business™ will shed light on how small and medium-sized businesses can protect themselves, their employees and their customers against the most prevalent threats.
Our day-to-day life depends on the country’s 16 sectors of critical infrastructure, which supply food, water, financial services, public health, communications and power along with other networks and systems. A disruption to this system, which is operated via the internet, can have significant and even catastrophic consequences for our nation. Week 4 will emphasize the importance of securing our critical infrastructure and highlight the roles the public can play in keeping it safe. In addition, it will lead the transition into November’s Critical Infrastructure Security and Resilience Month, which is spearheaded by the U.S. Department of Homeland Security.
The goal of all security programs is to consistently show how risk is getting lowered… or not!
But what should get reported to the leadership teams, to the executive management, and to the board? Risk Metrics on the Top 20 Security Controls!
The Critical Security Controls are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today’s most pervasive and dangerous attacks. Therefore they should be acted upon and measured.
They are:
This can be quite a daunting task to validate that the above controls are in place, even more of a challenge to validate that they are operating effectively with the right level of maturity. It can also be a lot to present this to the board all at once.
It is recommended that a phased approach come into place. Start with the first 6 controls. As presented, consider the trend of how the organization is doing per month, the average of how well the organization is doing across the number of months, and how close the number is to the level of tolerance that executive leadership has set.
Once the basic controls are in place, do the same for the foundational and organizational controls. The basics presented will be evidence enough to set priorities for the rest of the controls. Make sure to come prepared with plans, costs… to implement the other controls.
September 2: Damien is 22! We went to Ah-So Sushi for Teppanyaki and Sushi
We then left for our annual Lake Powell trip.
More photos on Google Photos here.
I was on the Ohana Ukulele Facebook page :)
September 16th. Rob would be 52 today :(
We took him to the lake today to celebrate him. I’m calling it #goodgreeffday
September 23rd. Sam Ash Customer Appreciation Day
September 23rd: 105th Build Party
September 27th: Mom visits!
August 7th: Spent the weekend doing yard work that is much needed.
August 10th: Thanks Aron for your help, hope you enjoyed being an intern here
August 12th:
I had the ISACA IIA GRC Conference and RSA Archer Summit 2018 in Nashville Tennessee and Jaime went with me
Attended the conference with my coworker Eric
Throughout the week we met with my old boss Lynn Heiberger
Ran into Darla
Reunited with Mike O’Neill
We had to go shopping of course.
August 16th: RSA Archer Summit 2018
I got to run into my old boss, mentor, and friend, Jack Jones!
Here is some Nashville hanging out pictures
August 18th, party at Camille’s
August 25th: Bartlett Lake
August 26th: 105th Build Meeting
[ngg_images source=”galleries” container_ids=”15″ display_type=”photocrati-nextgen_basic_imagebrowser” ajax_pagination=”1″ order_by=”sortorder” order_direction=”ASC” returns=”included” maximum_entity_count=”500″]
@thewatercoolers opening up @RSAsecurity #RSAArcherSummit #Risk management heroes pic.twitter.com/Mk5XId5qSg
— Gennaro (@GRCMatters) August 16, 2018
Should be an exciting week! I’m looking forward with meeting my peers and leaders in this industry and having some awesome discussion on integrated risk management!
On July 13th, we flew to Hawaii :)
This trip, instead of the usual Oahu, we flew to Kona, stayed at Sunshine’s place in Hilo for a week, then at a Condo in Kona before flying back after two weeks.
After the long flight and a warm welcome, we did some stuff! We toured the Mauna Loa Macadamia factory, it was in the middle of a ton of macadamia trees! We also went to a market where orchids were aplenty!
We took in some lunch at the Suisan Fish Market, which is amazingly fresh!
We also hit up the Slack Key festival and found Kris and Keiko Fuchigami and I got to take photos with them!
We saw a lot of the prettiness that Hilo brings!
We even went to the top of Mauna Kea, the biggest mountain in the world (from its base) to take pictures of the stars! It was really cold!
Some amazing photos from the top of Mauna Kea!
More information on the 2018 Eruption in Hilo can be found here
I got a sweet new Ukulele!
We tried to immerse ourselves in nature! The below was just a random stop at the side of the road, where there was just a little bit of a trail.
Some of the beaches were cool, some had black sand. There was this area where fresh water from the mountains and the ocean water mixed and there was a visitor we had to say hello to!
We visited some zoos and botanical gardens too!
I built an Infographic to Implement an IT Governance, Risk, and Compliance Framework and a Risk Management Framework. I do hope everyone finds it useful.
A good solid framework is a critical foundation to lay for managing risk in businesses and the infographic below can be used for more than just IT, it works for financial and enterprise risk as well.
![CarmeloWalsh[.]com](https://www.carmelowalsh.com/wp-content/uploads/2025/03/cropped-20250226_105950000_iOS.jpg)
