Hello, and thank you for visiting. This site is the sum of my professional parts. On it, my goal is to share informative and helpful information to help technical professionals, cybersecurity peers, and of course the most important link in the security chain: network users. Who am I to even attempt to do this though?
I’m a CISSP-certified cybersecurity leader and U.S. Navy veteran with more than 20 years leading vulnerability assessments; security control assessments; Assessment & Authorization (A&A) activities to achieve and sustain Authority to Operate (ATO); policy and training development; and SecDevOps. I hold a Bachelor of Science in Information Technology and a Master of Science in Cybersecurity Information Leadership.
Throughout my career, I’ve proven and been recognized for my ability to align cyber strategy with business goals and the security of critical business systems. I’ve also spent more than 10-years defining and assessing Information Technology (IT) Governance and Portfolio management at the organizational level. What this translates to is the assurance that while I’m focused on securing networks and the systems composing it, I’m also keenly aware of the need to balance security with operability.
A significant amount of time in my career has been spent focusing on that most important link I mentioned above, the network user. While technical bells and whistles and qualified technical personnel may increase an organization’s overall cybersecurity posture, it’s the everyday network users who play an especially critical role. They’re essentially the people guarding the front door, and it’s their awareness of cybersecurity threats and ability to successfully avoid common traps like phishing emails, malicious websites, etc. that take an organization’s cybersecurity posture from good to great. From organizational users to a classroom of elementary school students to executive leadership, I’ve developed and delivered cybersecurity trainings and briefings that equip people to recognize and avoid the threat.
Hopefully, it’s been demonstrated already that I’m also an excellent communicator, both in the clarity and precision of my writing and the engaging and articulate way I express myself verbally. My writing is my own. That’s not to say that I don’t run important communications, policies, and briefs through Artificial Intelligence (AI) tools. I do, but it’s only to validate syntax and flow, not generate content. After all, the ability to come up with the ideas and find the optimal way to communicate them is what I like to think sets me above other qualified, cybersecurity professionals. Additionally, the fact that I’m fluent in English and Spanish means that my span of cybersecurity influence is broadened across not just industries but also cultures.
My intent herein is not to boast or brag, but I think it’s important to paint a picture of who I am professionally. That said, I’m also creative and graphic design-enabled, as evidenced by the personally designed logo and graphics you see on the site. I believe the Cybersecurity Trifecta logo in particular visually depicts how others see me after having worked with me, for me, or around me throughout the years. I believe that for me and other cybersecurity professionals like me, the combination of extensive experience, industry certification, and advanced education make us stand out in the most positive of ways.
My most treasured ability, though, is the fact that I love to and can share my knowledge with others, regardless of their level of technical understanding, educational background, or socioeconomic circumstances. For this reason, I’m always open to requests for me to speak at schools, civic groups, or business organizations. After all, what good is knowledge if it isn’t passed on to others.
Thank you again for visiting. If you’d like to reach me, please do so via the contact page. I’d love to connect. Be well.
Best Regards,
Justin E. Gehrke, M.S., CISSP