Home
Tom Olzak

Tom Olzak

Cybersecurity Researcher, Author & Educator

Independent security researcher and an IT professional since 1983, with experience in programming, network engineering, and security. I have an MBA as well as CISSP certification. I am also an online instructor for the University of Phoenix. I've held positions as an IS director, director of infrastructure engineering, director of information security, and programming manager at a variety of manufacturing, healthcare, and distribution companies. Before joining the private sector, I served 10 years in the United States Army Military Police with four years as a military police investigator. I've written four books, Just Enough Security, Microsoft Virtualization, Enterprise Security: A Practitioner's Guide, and Incident Management and Response Guide. I am also the author of various papers and articles on security management.
Stories by Tom Olzak
how to defend against DNS spoofing
Vulnerability Management
DNS Spoofing: What It Is and How to Fight Back
Tom Olzak
DNS is a critical part of today's business computing environment. Read on to learn about one of the most significant...
Improving network security with SASE
Network Security
Simplifying Distributed Networks’ Security With SD-WAN, NaaS, and SASE
Tom Olzak
Cloud security becomes more critical, more expensive, and harder to manage as information resources move sporadically to one or more...
Steps for an effective cyber risk management strategy
Cyber Risk Management
Building an Effective Risk Management Toolkit to Ward Off IT Risks
Tom Olzak
In an evolving threat environment, organizations must know the implementation of all security controls and their configuration to enable quick...
Practical Application of System Security Engineering to SDLC Security, Part 3
Security General
Practical Application of System Security Engineering to SDLC Security, Part 3
Tom Olzak
In the first two articles in this three-part series, I described the three system security engineering contexts problem, solution, and...
Practical Application of System Security Engineering to SDLC Security Part 2
Identity & Access Management
Practical Application of System Security Engineering to SDLC Security, Part 2
Tom Olzak
Part 2In the first article in this series, I explained the need for system security engineering and how it works....
Manage the Business Risk of the Web You Don’t See
Vulnerability Management
Manage the Business Risk of the Web You Don’t See
Tom Olzak
Knowing what personal information about employees and customers is available to potential attackers helps organizations determine the risk associated with...
1 7 8 9 10 11
Popular Articles