Alex Hamerstone

Advisory Solutions Director

Experience

Alex Hamerstone, QSA, ISO 27001, CISSP, is the Practice Lead for Governance, Risk Management, and Compliance at TrustedSec, and has over a decade of information security consulting experience. TrustedSec’s motto, “Information Security Made Simple,” holds true to Alex’s beliefs and his ability to deliver effective solutions to customers. Known as a passionate advocate for the clients he works with as well as the security industry, Alex uses his consulting experience to partner with all sizes of organizations in all verticals, performing assessments, audits, and security program development. Alex has designed security programs for both large and small organizations and has advised and performed security assessments for companies ranging from small businesses to Fortune 100 corporations. Alex’s experience covers a wide swath of industries, including retail, utilities, education, insurance, and healthcare, providing him with a unique view into the ways that organizations effectively integrate security into business. Additional areas of expertise include program development, process creation, documentation, regulatory compliance, cloud implementation, security awareness, standards adherence, and international information security regulations. He has presented to many Boards of Fortune 500 companies, showcasing his sought-after ability to articulate the importance of information security to the business. Prior to TrustedSec, Alex was the Compliance Officer for a software company with enterprise customers in over 27 countries, which was purchased by Oracle. As Compliance Officer, he was ultimately responsible for ensuring that the company complied with a multitude of data security laws and regulations all over the world, as well as ensuring that employees met corporate standards.

Education & Certifications

  • Baldwin Wallace College, Bachelor of Arts Degree in Business Administration
  • Certified Information Systems Security Professional (CISSP)
  • Qualified Security Assessor (QSA)
  • ISO 27001 Provisional Auditor

Industry Contributions

Alex is a constant presence on the national media, with many appearances on Fox News, CNN, CBS News, MSNBC, Al Jazeera, Morning Dose, Cheddar, Huffington Post TV, and multiple local news channels. He is often quoted as an expert in national general interest articles as well as industry publications. A prolific writer, he has written articles for FedTech and Pipeline magazines and is an author of “Wireless Reconnaissance in Penetration Testing,” published in 2012 by Syngress. He is a frequent presenter worldwide at conferences both within and outside of the information security industry, with keynote addresses to groups such as ISSA and ISACA. He is especially adept at presenting to industry groups outside of IT and has presented at many conferences including those focused on accounting, manufacturing, healthcare, and non-profit.

Passion for Security

Alex’s passion for information security goes beyond the technical. He is deeply invested in working with clients to improve their overall information security and develop industry-leading programs. He enjoys sharing his insights and experience gained while working with companies of all sizes and verticals.

Recent Blog Posts

Yes, It’s Time for a Security Gap Assessment

By Alex Hamerstone
In Attack Path Effectiveness Review, Business Risk Assessment, Managed Services, Operational Performance Maturity Assessment, Penetration Testing, Privacy & GDPR Compliance Assessment, Program Assessment & Compliance, Program Maturity Assessment, Security Program Assessment
For many organizations, rapidly implementing work-from-home initiatives over the past year due to the COVID-19 pandemic required quickly rolling out new processes and deploying new technologies without adequate time for attention to Information Security standards. Perhaps your company recently acquired a new line of business, and you want to make sure the integration won’t adversely...
Read

Want Better Alerting? Consider Your Business Processes

By Rick Yocum and Alex Hamerstone
In Architecture Review, Attack Path Effectiveness Review, Business Risk Assessment, Managed Services, Program Assessment & Compliance, Program Development, Program Maturity Assessment, Security Program Assessment, Security Program Management
Logging, monitoring, and alerting programs are some of the most critical elements of any security and compliance program, but traditional approaches for implementing and upgrading these capabilities are often noisy, expensive, and laborious. Traditional Alerting Approaches are Failing During program assessments, we find that a lot of clients are generating so many alerts that they...
Read

Vendor Enablement: Rethinking Third-Party Risk

By Alex Hamerstone and Rick Yocum
In Business Risk Assessment, Mergers & Acquisitions Security Assessment, Operational Performance Maturity Assessment, Program Assessment & Compliance, Program Maturity Assessment, Security Program Assessment
Third-party risk management is an essential element of information security. It is common to see news about a large company being breached, and after learning more, you find out the breach was the result of a vendor. When you depend on another organization for a critical business process and allow them access to your network,...
Read
View all posts from Alex

Recent Webinars

Adding Value to a Traditional Penetration Test

Another Penetration Test? Penetration testing your environment is one of the most important tasks an organization can perform. It is part of every regulation and industry security standard for good reason. However, there are times when performing a penetration test...
Watch

Natural Security Benefits for InfoSec Leadership

‘Our Program has Grown Organically.’ Regardless of the type of industry or business, security leaders struggle to overcome inherent roadblocks in how security programs develop over time. Security programs tend to mature through problem resolution and struggle to maintain consistent...
Watch

The Ransomware Simulation

On September 30, 2021 TrustedSec gathered a panel of our experts to discuss threat hunting tactics and provided guidance for responding to ransomware attacks in front of a live audience. A range of strategies were presented regarding detection, deflection, and...
Watch
View all webinars from Alex

Recent Podcasts

TrustedSec Security Podcasts

Uber Responsibility

October 05, 2022

Pre-Shared (Private) Keys

October 05, 2022

Privacy Screen

October 05, 2022

Want to work with Alex Hamerstone or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us