Aaron Weismann

Aaron Weismann is a healthcare industry CISO with over a decade of strategic management, technology, and information security experience. His deepest experience is in managing and securing sophisticated and highly regulated environments.

His expertise includes:

- Driving IT and data governance strategy

- Managing complex security landscapes across sites, endpoints, and cloud structures

- Translating highly technical information security, technology, and governance concepts into communications for all organizational levels

In The Press

Recent citations of Aaron's writing include:

BitDefender: Recent cybersecurity study reveals top US states to suffer data breaches
MSSP Alert: Managed Security Services Provider (MSSP) Market News: 22 February 2023
R Street Institute: Considerations for Florida’s 2023 Privacy Journey
Help Net Security: 10 US states that suffered the most devastating data breaches in 2022
Beckers Hospital Review: Georgia health system's operations disrupted by cyberattack

Latest from Aaron Weismann


How Much Does HITRUST Certification Cost? 7 Key Factors

If you’re thinking about embarking on your HITRUST Common Security Framework (CSF) certification process, you’re probably wondering how much it’ll set you back. It’s an important consideration and, frankly, may force a decision not to certify your organization’s security controls against the HITRUST CSF. I think it’s critical to make the case for an informed …



Explained: HITRUST Gap Assessments Are Not Like The Others

Depending on who you talk to, the definition of a HITRUST “Gap Assessment” may sound very different. That’s because the HITRUST CSF nomenclature departs slightly from common security parlance. That’s a good thing, in my opinion, because the HITRUST CSF is exacting with pre- and post-certification process requirements. In this article, we’ll dig into what …



Why Do Penetration Testing for GDPR? Article 32 & Much More

If you’re a company that needs to comply with the General Data Protection Regulation (GDPR), you’re probably wondering whether or not you need to run penetration tests. Penetration testing assessing and evaluating corporate infrastructure is a critical part of any security program, but is it needed by law to protect personal data from a data …



Should You Do Penetration Testing for ISO 27001? A CISO Explains

ISO 27001 is a robust security framework that comprehensively evaluates and certifies an organization’s security posture. What does it have to say about an organization’s exposure to security vulnerabilities? What requirements are there for ISO 27001 penetration testing? In this article, I’ll work to answer those questions and more. My goal is to demystify ISO …



Penetration Testing for HIPAA: Requirements, Costs & More

Many healthcare providers, covered entities, and business associates are unclear about whether they need penetration testing for HIPAA compliance. As a healthcare industry CISO, this has never surprised me: The documentation on this point is at times unclear, and even compliance consultants have been known to advise on it inaccurately. In this article, I’ll attempt …



Penetration Testing for Small Business: The What, Why & How Much

Penetration testing is an imposing term. A lot of small businesses don’t understand what it is, why they need it, or how much it costs. Or if they do, they understand the consequences: expensive technology investments. Consequently, penetration testing is a daunting proposition. What many a small company doesn’t understand is that their business’ success …



Is a SOC 2 Readiness Assessment Worth It? Comparing Costs & Benefits

A SOC 2 readiness assessment, like other kinds of readiness assessments, highlights an organization’s ability to succeed in an assessment against a framework baseline. Readiness assessments are particularly helpful in driving cost savings for assessments, but take time and effort to conduct. In this article, I’ll outline what a SOC 2 readiness assessment is and …


Copyright © 2022 Network Assured