Pierre-Paul Ferland

Quebec

Pierre-Paul Ferland is a cybersecurity GRC leader, educator, and the voice behind This Is GRC, the project that breaks down how governance, risk, and compliance actually works in the real world.

19 Jul 2023 GRC in Practice

What is ISO27001 Certification?

Explaining what makes the ISO27001 standard relevant for information security professionals today. I tell the story of how I took part in an ISO27001 certification process. I share my expert opinion on how this framework can help an organization manage security in a cost-effective way.

12 Jul 2023 Security

How do ChatGPT and other LLMs get hacked?

Ever wondered if ChatGPT can be taken over? This post explains - like you're five - the hacks of ChatGPT and other LLMs. The silver lining? We do have the necessary tools to address AI hacking. It's now a question of whether the security community will act fast enough.

05 Jul 2023 Leadership

Selling InfoSec Differently

Information security is expensive, inconvenient, and hard. Fear-mongering dulls itself over time. If you are a security representative in your organization, whether full-time or more likely part-time, influence, as a means of connection, will get you farther.

21 Jun 2023 Security

Who is behind ransomware attacks?

Looking at cybercriminals' motivations, recruiting tactics, and targets. How did ransomware come to operate like a software business? Plus a deep dive into who joins ransomware criminal gangs. Learn why teenage boys are often recruited.

14 Jun 2023 GRC in Practice

Know What You're Up Against: Insights from the 2023 Data Breach Investigations Report

Verizon's Data Breach Investigation Report (DBIR) is a must-read resource to gain insight into current cybersecurity breaches. The 2023 version is out, and I read the whole 90 pages of it so you don't have to!