NAVIGATING A CAREER PATH IN CYBERSECURITY
In 1994, Michael transitioned from international high-risk warrants into domestic corporate security, attended numerous formal training programs and pursued a career as an Executive Protection Specialist, operating in both corporate and high-threat environments. Throughout his experience, Michael was always (informally) designated as the “team technology geek,” a role he officially (and formally) embraced in 2011.
Michael I. Kaplan is now a Cyber Security Instructor, Information Systems Risk Manager, and Disaster Recovery Engineer. His technical areas of specialization are Cyber Security Architecture, IT Risk Assessment, and IT Program Audit / Compliance; his geographical areas of specialization are the United States, Eastern Europe, and Latin America / Caribbean. Michael also possesses a high degree of subject matter expertise regarding conformance to Cyber Security Frameworks (CSF) including HIPAA Compliance (HITECH, GAPP), NIST SP 800 Series, ISO 27000 Series, PCI-DSS, SSAE 16 (SOC1, SOC2), and FedRAMP (moderate, high).
CYBER SECURITY TRAINING SCHEDULE
2019 Training Schedule
Industry Training Certifications In the Phase2 Advantage role as an Authorized Training Center for Mile2, Michael I. Kaplan, a certified Cyber Security Instructor, is authorized to teach the following courses to students seeking Mile2 certifications:
Successful cyber security consulting is based on asking the right questions. Without them, we have no way of providing a client with correct perspectives which may potentially lead to different, and more suitable, outcomes. It requires a tabula rasa mindset, a design thinking approach, and absolutely no preconceived or prepackaged solutions. That’s the perspective we bring to our clients to solve challenges. That’s not “thinking outside the box.” It’s realizing there is no box, and never has been.
“When a customer asks you for a ¼-inch drill bit, they don’t
really need a drill bit. They
need a ¼-inch hole.”
~ Theodore Levitt ~
Our Consulting Services No consulting company can be all things to all people, although many do put forward their best effort and try. Phase2 Advantage has three disciplines within the cyber security consulting realm at which it excels: IT Business Continuity, IT Disaster Recovery, and IT Risk Management. We’ll never claim to be something we’re not, and we’ll always refer clients to companies with the capabilities they need when necessary. Listed below are the three — and only three — consulting services we provide to our clients.
IT Business Continuity Planning Business Continuity and Disaster Recovery planning are not the same function and require different skill sets in order to be successful. Business continuity planning is a proactive plan to avoid and mitigate risks associated with a disruption of operations. While it does plan for actions to be taken after an event, it focuses on preventive and preemptive solutions to reduce the probability of a disaster occurring. In this type of planning the ability to ask the correct questions is critical, and we’re experts at asking correct questions based on the environment in which we’re located at the time.
IT Disaster Recovery Planning Unlike the preventive focus of Business Continuity planning, Disaster Recovery plans for actions which are responsive and reactive. As businesses face a wide range of daily risks – including cyber-attacks, human error, technical failures, and natural disasters – it’s vital they create practical plans to sustain their security posture, financial health, and industry / brand reputation to maintain long-term success. In this type of planning the ability to observe minute details is critical, and we’re experts at incorporating an attention to detail that affords our clients the capability of executing their plans with precision.
IT Risk Management Given the wide range of technology-enabled components comprising modern security programs, the potential for exposure to risk has grown exponentially. Laws governing regulatory and compliance requirements change rapidly as they attempt to keep pace with technology trends. Information security frameworks and models, once barely acknowledged and often ignored, are now expected responsibilities and strictly enforced. In this increasing regulatory environment, the ability to audit and assess potential risk is critical, and we’re experts at the type of risk identification, assessment, and mitigation that affords our clients the capability of sleeping well at night.
“The answer is “YES,” we can
do that for you. Now,
what’s the question?”
~ Michael I. Kaplan ~