Interview with George Jahchan

Email interview held on 30th September 2017 between Alan Radley (questioner) and George Jahchan (relator), as follows:

  1. What are your thoughts on the current state of cybersecurity, both for organizations and for consumers?

1) Unless applicable industry-accepted best practices are effectively implemented, monitored, and detected anomalies are promptly acted upon, the war is lost in advance.

  2. What – in your estimation – are the reasons behind the many computer security breaches/failures that we see today?

2) Human failure to adequately secure the environment, or human error (being taken for a phishing ride or falling for social engineering tricks). There is no such technology as an idiot-proof human firewall.

  3. Where do you go to find your “science” of cybersecurity?

3) NIST, SANS, CIS, and some creative vendors.

  4. Do you recommend a particular cybersecurity blog that our readers could follow?

4) PCI Guru, Bank Info Security, Graham Cluley Security Newsletter, and KrebsOnSecurity.

  5. What keeps you up at night in the context of the cyber environment that the world finds itself in?

5) Being suddenly targeted by an attack using a damaging cocktail of 0-day exploits initiated by nation state actors.


Thank you kindly, George Jahchan, for taking the time out of what must be a busy schedule to answer our questions in such a purposeful way.

Interviewee: George Jahchan,

Partner & PCI QSA at Krypton Security.


George Jahchan – Biography

Partner & PCI QSA at Krypton Security. Contact George for quality professional assistance with PCI DSS compliance projects or SIEM initiatives. He is flexible and available on short notice for short-term InfoSec contract work. Contact George on LinkedIn.

✔ 100% project success rate.

✔ Nomad across EMEA

✔ PCI QSA, PCIP

✔ Certified Ethical Hacker C|EH

✔ SIEM Solution Pre-sales & Implementation Specialist

✔ Certified Information Systems Auditor (CISA)

✔ Certified Information Security Manager (CISM)

✔ BS7799-2 ISMS Lead Auditor

✔ Expertise in Windows & Unix/Linux

✔ IT Architect.

✔ 30+ years of experience in IT

✔ 15+ years in IT/info security

✔ Fluently trilingual (English, French and Arabic)

● Available for assistance with PCI DSS initiatives implementation

Specialties: Information Security, IT/InfoSec Audits, Network Security, Vulnerability Assessments, Penetration Testing, Firewalls, Unix/Linux, Technology Pre-sales, Risk Assessments, Network Design, Solution Architecture, Security Awareness, ITSM, Virtualization, DR, BCP.