Guidepost in Motion EP 13: Cybersecurity Frameworks and Metrics for Effective Governance and Risk Management Part 2

Kenneth Mendelson CISSP, CIPP, CISA, PCIP July 18, 2021

Ken Mendelson welcomes back Andy Cottrell, the founder and CEO of cybersecurity consulting firm Truvantis to talk more about cybersecurity frameworks. They discuss the difference between a cyber audit and cyber assessment and which method to employ, as well as the critical role of a cybersecurity expert and how to position this professional on a company’s organization chart.



Missed Part 1?  LISTEN HERE


Ken Mendelson in a suit and tie smiling for a professional photograph

Kenneth Mendelson CISSP, CIPP, CISA, PCIP

Senior Managing Director

Ken Mendelson has spent more than 30 years at the intersection of law, information technology and public policy. As a member of the National Security Practice, Ken manages governance, risk and compliance projects and investigations, and conducts monitorships and third-party audits in connection with mitigation agreements enforced by the Committee on Foreign Investment in the United States (CFIUS). In addition, he assists established and emerging companies with implementing and maintaining cybersecurity and privacy programs by developing cybersecurity policies, procedures and guidelines, and conducting risk-based cybersecurity assessments.