EXPERIENCE
Prior to joining TrustedSec, Chris Camejo spent 21 years working in various InfoSec roles, from the Security Operations Center to threat intelligence. Along the way, Chris' primary focus became vulnerability assessments, penetration testing, and compliance assessments.
EDUCATION & CERTIFICATIONS
- Certified Information Systems Security Professional (CISSP)
- Cybersecurity Maturity Model Certification Registered Practitioner (CMMB-AB)
- Qualified Security Assessor (PCI SSC)
- Certified Information Systems Security Professional (CISSP)
- ISO 27001 Lead Auditor
- National Security Agency INFOSEC Assessment Methodology (NSA IAM)
- National Security Agency INFOSEC Evaluation Methodology (NSA IEM)
PROFESSIONAL AFFILIATIONS
(ISC)2
INDUSTRY CONTRIBUTIONS
Chris has been a frequent contributor to the global InfoSec industry, conducting and presenting security research at major industry conferences including Black Hat USA, RSA Conference, and DEF CON, and participating in interviews with the media to help shed light on the latest security vulnerabilities and breaches.
PASSION FOR SECURITY
Chris takes pride in translating the deeply technical aspects of InfoSec into real-world risks and action items that organizations can use to understand the impact of an ever-changing threat landscape.
Featured Blogs and Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Demystifying ISO 27001: From Certification to Integration
Join Chris Camejo, Compliance Services Practice Lead, and get the knowledge and guidance you need to demystify your compliance journey with ISO 27001.
Why Risk Assessments are Essential for Information Security Maturity
Introduction Many compliance frameworks require Information Security Risk Assessments, and some organizations may receive third-party requests for Risk…
Compliance Abuse: When Compliance Frameworks are Misapplied
Introduction Here at TrustedSec, we help our clients achieve and maintain compliance with a variety of Information Security and privacy frameworks. We often…
The Value of Compliance: Minimizing the Impact of PCI DSS 4.0
Get practical advice and resources to help your business navigate the road ahead from our expert speaker, Chris Camejo, Compliance Services practice lead and a…
Real or Fake? How to Spoof Email
I briefly mentioned how easy it is to forge email sender addresses in a previous blog post that described the steps I took to determine whether a suspicious…
How we’re making sense of CMMC 2.0
On November 5, 2021, the Office of the Secretary for the Department of Defense produced a document outlining updates for the Cybersecurity Maturity Model…
Building a System Security Plan (SSP) that Matters
Join Security Consultants Chris Camejo and Jared McWherter to gain a better understanding of SSPs and learn practical information that can help with any SSP…
Cloud Compliance: Picking a Framework and Simplifying Your Approach
Join GRC Principal Security Consultant Chris Camejo and Senior Security Consultant Jonathan White as they help organizations traverse this IT-disrupting shift.
Real or Fake? When Your Fraud Notice Looks Like a Phish
So I Received a Phishing Email… I recently received an email indicating my credit card number had potentially been stolen and used for fraud. At this point, I…
Real or Fake? Spoof-Proofing Email With SPF, DKIM, and DMARC
I briefly mentioned using DKIM to verify an email's sender in a previous blog post that described the steps I took to determine whether a suspicious email was…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
