Report A Breach
1-877-550-4728
Alex Hamerstone
Advisory Solutions Director
Experience
Alex Hamerstone, QSA, ISO 27001, CISSP, is the Practice Lead for Governance, Risk Management, and Compliance at TrustedSec, and has over a decade of information security consulting experience. TrustedSec’s motto, “Information Security Made Simple,” holds true to Alex’s beliefs and his ability to deliver effective solutions to customers. Known as a passionate advocate for the clients he works with as well as the security industry, Alex uses his consulting experience to partner with all sizes of organizations in all verticals, performing assessments, audits, and security program development. Alex has designed security programs for both large and small organizations and has advised and performed security assessments for companies ranging from small businesses to Fortune 100 corporations. Alex’s experience covers a wide swath of industries, including retail, utilities, education, insurance, and healthcare, providing him with a unique view into the ways that organizations effectively integrate security into business. Additional areas of expertise include program development, process creation, documentation, regulatory compliance, cloud implementation, security awareness, standards adherence, and international information security regulations. He has presented to many Boards of Fortune 500 companies, showcasing his sought-after ability to articulate the importance of information security to the business. Prior to TrustedSec, Alex was the Compliance Officer for a software company with enterprise customers in over 27 countries, which was purchased by Oracle. As Compliance Officer, he was ultimately responsible for ensuring that the company complied with a multitude of data security laws and regulations all over the world, as well as ensuring that employees met corporate standards.
Education & Certifications
Baldwin Wallace College, Bachelor of Arts Degree in Business Administration, CISSP, QSA, ISO 27001 Provisional Auditor
Industry Contributions
Alex is a constant presence on the national media, with many appearances on Fox News, CNN, CBS News, MSNBC, Al Jazeera, Morning Dose, Cheddar, Huffington Post TV, and multiple local news channels. He is often quoted as an expert in national general interest articles as well as industry publications. A prolific writer, he has written articles for FedTech and Pipeline magazines and is an author of “Wireless Reconnaissance in Penetration Testing,” published in 2012 by Syngress. He is a frequent presenter worldwide at conferences both within and outside of the information security industry, with keynote addresses to groups such as ISSA and ISACA. He is especially adept at presenting to industry groups outside of IT and has presented at many conferences including those focused on accounting, manufacturing, healthcare, and non-profit.
Passion for Security
Alex’s passion for information security goes beyond the technical. He is deeply invested in working with clients to improve their overall information security and develop industry-leading programs. He enjoys sharing his insights and experience gained while working with companies of all sizes and verticals.
Recent Blog Posts
Yes, It’s Time for a Security Gap Assessment
For many organizations, rapidly implementing work-from-home initiatives over the past year due to the COVID-19 pandemic required quickly rolling out new processes and deploying new technologies without adequate time for attention to Information Security standards. Perhaps your company recently acquired a new line of business, and you want to make sure the integration won’t adversely...
Read
Want Better Alerting? Consider Your Business Processes
Logging, monitoring, and alerting programs are some of the most critical elements of any security and compliance program, but traditional approaches for implementing and upgrading these capabilities are often noisy, expensive, and laborious. Traditional Alerting Approaches are Failing During program assessments, we find that a lot of clients are generating so many alerts that they...
Read
Vendor Enablement: Rethinking Third-Party Risk
Third-party risk management is an essential element of information security. It is common to see news about a large company being breached, and after learning more, you find out the breach was the result of a vendor. When you depend on another organization for a critical business process and allow them access to your network,...
Read
Recent Webinars
The Ransomware Simulation
On September 30, 2021 TrustedSec gathered a panel of our experts to discuss threat hunting tactics and provided guidance for responding to ransomware attacks in front of a live audience. A range of strategies were presented regarding detection, deflection, and...
CMMC: Feedback From the Trenches
Recorded on Wednesday, March 3rd, 2021 Early Lessons Learned on Cybersecurity Maturity Model Certification If you are in possession of Federal Contract Information (FCI) or Controlled Unclassified Information (CUI) and are looking to get ahead in your Cybersecurity Maturity Model...
Getting a Grip on CMMC—Tips and Tricks for the new Cybersecurity Maturity Model Certification
This webinar was recorded on April 22, 2020. If you are in possession of Federal Contract Information (FCI) or Controlled Unclassified Information (CUI), now is the time to better address security and the new Cybersecurity Maturity Model Certification (CMMC). Not...
Recent Podcasts
Sealing Wax and Other Fancy Stuff
January 24, 2022
How the Sausage is a Made
January 24, 2022
It's Zero-day in the Mobile Phone World
January 24, 2022
