Home
Tom Olzak

Tom Olzak

Cybersecurity Researcher, Author & Educator

Independent security researcher and an IT professional since 1983, with experience in programming, network engineering, and security. I have an MBA as well as CISSP certification. I am also an online instructor for the University of Phoenix. I've held positions as an IS director, director of infrastructure engineering, director of information security, and programming manager at a variety of manufacturing, healthcare, and distribution companies. Before joining the private sector, I served 10 years in the United States Army Military Police with four years as a military police investigator. I've written four books, Just Enough Security, Microsoft Virtualization, Enterprise Security: A Practitioner's Guide, and Incident Management and Response Guide. I am also the author of various papers and articles on security management.
Stories by Tom Olzak
NISTIR 8286A Risk Management Guidance Part 2: Tools and Insights to Manage Risks
Cyber Risk Management
NISTIR 8286A Risk Management Guidance Part 2: Tools and Insights to Manage Risks
Tom Olzak
After learning to integrate cyber risk management with enterprise risk management and defining information resource categories in Part 1, here’s...
risk management guidance
Cyber Risk Management
NISTIR 8286A Risk Management Guidance Part 1: Risk Appetite and Risk Tolerance
Tom Olzak
Let's look at ways to identify your organization's risk appetite and tolerance for each system, as well as how to...
Dealing with traditional backup issues through CDP approach
Data Security
Eradicating Traditional Backup Woes With Continuous Data Protection
Tom Olzak
Here’s a quick handbook to understand the traditional backup challenges and how CDP (continuous data protection) can palliate the issues...
Businessman Drawing A Uml Use Case Diagram
IT Strategy
Using UML Misuse Diagrams to Secure Systems From Threat Actors
Tom Olzak
Misuse case diagrams, unlike use case diagrams, help organizations prevent threat actors from making changes in a system. In this...
why API security deserves a closer look
Application Security
API Security: Ten Major API-Related Vulnerabilities and Ways to Address Them
Tom Olzak
APIs are a continually expanding attack surface that is often overlooked due to a lack of understanding. Here’s a look...
Zero Trust Security Model
Network Security
Cybersecurity Mesh: Just Another ZTN Model Or a Paradigm Shift?
Tom Olzak
In a security landscape flooded by acronyms, abbreviations, and labels, another has emerged: the cybersecurity mesh. By definition, it is...
1 2 3 4 5
Popular Articles