<![CDATA[Yet another day in the life of a security consultant.]]>Yet another day in the life of a security consultant.

COO (and vCISO at ‘Client’): We should do NIST CSF assessments. Make it so.
Me and Team: Got it! Here we go, who will be the first client?
COO: We’ll be the first client!
Me: Great!
Me: - Reminder: No wrong answers! The whole point is to see what you have in place when compared to the various domains and controls/requirements identified by NIST.
COO: WOAH WOAH WOAH this is NOT what I wanted. This scope is too broad! We gotta pare this down.
Me: …

]]>https://board.circlewithadot.net/topic/3077b405-e743-4138-99d2-c973a37caf81/yet-another-day-in-the-life-of-a-security-consultant.RSS for NodeFri, 17 Apr 2026 01:14:23 GMTTue, 14 Apr 2026 13:22:29 GMT60