Who are we?
Cyber Security Insider Secrets is a web site run by Philip Lohr. The purpose of the web site is to provide information to the consumer and to small business. Philip has observed that large companies have the resources (time, money, and personnel) to protect their information. They can hire knowlegeable people to keep their information, technology, and companies safe.
However, the consumer and small business are at a disadvantage. They do not have the knowledge, the financial resources, or the time and energy to be able to learn and keep up with everything they need to know. Often, it is hard to find the information they need. When the information is available, it is often difficult to understand it or to know how to apply it.
This problem can be solved. While time and money will still limit what the consumer or small business person can do, there is a great deal that can be done if they are able to get the knowledge they need.
The purpose of this effort, of which this web site is a part, is to make the most important information available to the general public. A critical part of this effort is to make this information understandable, and to show how to apply it.
Who is Philip Lohr?
Philip Lohr has been involved in IT for approximately 30 years in a variety of capacities, with a focus on security and information protection for nearly 20 years.
He is certified as a CISSP*, as a CISM**, and as a CISA***, all of which require extensive experience, knowledge, and rigorous testing to obtain. Each of these also has a significant continuing education requirement to maintain. These credentials recognize him as a professional with experience in the day-to-day application of security practices to the enterprise; to the development, management, and oversight of security programs in the enterprise; and to the evaluation of the effectiveness of technology and processes for information and technology protection.
He attends trainings and briefings on a regular basis to keep aware of the latest developments with respect to the threats as well as the measures to provide protection against them. These trainings and briefings include representatives from industry and government, both nationally and internationally. He is a member of InfraGard, an alliance between the FBI and the private sector to protect the critical infrastructure of our nation. He also maintains his association with other industry organizations.
Philip also has experience in psychology as well as significant experience in personalized instruction. He approaches this training from a layperson’s perspective, using everyday language, desiring that others understand rather than be dazzled with a display of technical language and concepts. Although he is proficient at solving technology problems, his approach is to empower those he works with so that they can understand and apply their understanding.
His current interest is in bringing his knowledge and experience to informing the general public and small businesses of the risks they face to their information and technology, and in explaining how they can protect themselves.
* CISSP (Certified Information Systems Security Professional)
Requires extensive experience and knowledge; recognizes one as able to apply security understanding to protect enterprises
** CISM (Certified Information Security Manager)
Requires extensive experience and knowledge; recognizes one as competent to manage security operations in an enterprise from a risk and governance perspective (to focus on the things that make the most difference and to assure that the appropriate oversight is maintained to assure desired outcomes)
*** CISA (Certified Information Systems Auditor)
Requires extensive experience and knowledge; recognizes one as competent to assess the technologies, processes, practices, policies, and management of information systems to assure that they provide the required level of protection to information and systems