Pablo Gallardo

Pablo Gallardo

Cybersecurity and IT professional. Find more info at pmgallardo.com

IT Security Regulations

This post features regulations related to IT security. The post focuses on regulations that establish IT security controls. If you want to know regulations that prosecute malicious behavior related to computers or IT and IT crime, please check this post.…

Infrastructure as Code

Infrastructure as Code (IaC) is the process of managing and provisioning computer data center resources through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. IaC would be a broader term that configuration management. You can read…

IT Supplier Risk Management

This post discusses some topics about information technology (IT) supplier risk management (SRM) or Supply Chain Risk Management (SCRM). Related terms are provider management and IT vendor risk management. Certifications that could be used on Vendor IT Risk Management Some…

IT Vulnerability Scoring Systems

This post features scoring systems for IT vulnerabilities. List of Vulnerability Scoring Systems These are the resources for vulnerability scoring systems: The most popular is CVSS. CVSS Common Vulnerability Scoring System (CVSS) is an open standard that provides an open…

IT Risk Management

IT risk is any risk that is specific to information technology. IT risk management deals with the IT risk within an organization. In an organization, IT risk management may be done by the IT security department or the risk department.…