EXPERIENCE
Rick Yocum has been helping organizations elevate their security and compliance practices for more than 16 years. Rick has consulted for—and led—InfoSec programs at organizations of all sizes and in nearly all industries, and has extensive experience in the fields of education, finance, government, manufacturing, logistics, and service delivery. Pragmatic and resourceful, Rick provides actionable security and compliance solutions through a combination of simplification, creative reuse of existing tools/processes, and the application/reinforcement of proven security and compliance patterns.
EDUCATION & CERTIFICATIONS
- Bachelor of Science, Accounting Information Systems, Duquesne University
- Bachelor of Science, Management Information Systems, Duquesne University
- Certified Data Privacy Solutions Engineer (CDSPE), ISACA
- ISO Lead Auditor, BSI
INDUSTRY CONTRIBUTIONS
Rick is an active participant in the InfoSec community and has spoken at a variety of industry events including BSides, ISSA, IANS, and the CSO Breakfast Club. He currently serves on the organizing committee for BSides Pittsburgh.
PASSION FOR SECURITY
Rick is passionate about identifying and exploring creative ways to enhance security and compliance programs—from using theater to train Incident Response teams to utilizing iconography to communicate the nature and status of control environments. Additionally, Rick is working on programs to better leverage behavioral economics, game theory, and psychology-adjacent fields to improve organizational security posture and reduce an industry-wide shortage of skilled security practitioners.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Making Cyber Insurance Questionnaires Work For Your Security Program
Join Dan Haneline, Senior Vice President of Marsh McLennan, and Rick Yocum, Managing Director of Advisory Services at TrustedSec, as they discuss the security…
Navigating the Trail to GDPR Compliance
Join Principal Security Consultant Rick Yocum for this live webinar as he makes understanding GDPR informative and entertaining.
CMMC: Feedback From the Trenches
Join GRC Principal Security Consultant Rick Yocum, Practice Lead Alex Hamerstone, and Security Program Director Stephen Marchewitz as they discuss the tips and…
CMMC Small Business Funding Roundup
TrustedSec works with clients of all sizes on Cybersecurity Maturity Model Certification (CMMC) readiness engagements, but recently we’ve received a few…
Improving SIEM and MSSP Performance
Join Ben Mauch, Team Lead, Defense & Countermeasures, and Rick Yocum, Principal Advisory Consultant, who will discuss the various elements of gaining greater…
Nine Things to Know About the CMMC
The Cybersecurity Maturity Model Certification (CMMC) (https://www.acq.osd.mil/cmmc/) is a program being developed to help ensure that specific types of…
Two Simple Ways to Start Using the MITRE ATT&CK Framework
While there is a wealth of free information intended to help larger organizations use the MITRE ATT&CKTM Framework, these resources often assume that the…
MITRE ATT&CK™ Solutions Update and Evolution: Exploring Advanced Applications of ATT&CK
Join TrustedSec to discuss how your organization is making better use of the ATT&CK framework, hear from some of the leading experts on incorporating it into…
Want Better Alerting? Consider Your Business Processes
Logging, monitoring, and alerting programs are some of the most critical elements of any security and compliance program, but traditional approaches for…
Vendor Enablement: Rethinking Third-Party Risk
Third-party risk management is an essential element of information security. It is common to see news about a large company being breached, and after learning…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
