Interview with George Jahchan
Email interview held on 30th September 2017 between Alan Radley (questioner) and George Jahchan (relator), as follows:
- What are your thoughts on the current state of cybersecurity, both for organizations and for consumers?
1) Unless applicable industry-accepted best practices are effectively implemented and monitored, and detected anomalies are promptly acted upon, the war is lost in advance.
- What – in your estimation – are the reasons behind the many computer security breaches/failures that we see today?
2) Human failure to adequately secure the environment, or human error (being taken for a phishing ride or falling for social engineering tricks). There is no such technology as an idiot-proof human firewall.
- Where do you go to find your “science” of cybersecurity?
3) NIST, SANS, CIS, and some creative vendors.
- Do you recommend a particular cybersecurity blog that our readers could follow?
4) PCI Guru, Bank Info Security, Graham Cluley Security Newsletter, and KrebsOnSecurity.
- What keeps you up at night in the context of the cyber environment that the world finds itself in?
5) Being suddenly targeted by an attack using a damaging cocktail of 0-day exploits initiated by nation state actors.
Thank you kindly, George Jahchan, for taking the time out of what must be a busy schedule to answer our questions in such a purposeful way.
Interviewee: George Jahchan,
Partner & PCI QSA at Krypton Security.
George Jahchan – Biography
Partner & PCI QSA at Krypton Security. Contact George for quality professional assistance with PCI DSS compliance projects or SIEM initiatives. He is flexible and available on short notice for short-term InfoSec contract work.
✔ 100% project success rate
✔ Nomad across EMEA
✔ PCI QSA, PCIP
✔ Certified Ethical Hacker C|EH
✔ SIEM Solution Pre-sales & Implementation Specialist
✔ Certified Information Systems Auditor (CISA)
✔ Certified Information Security Manager (CISM)
✔ BS7799-2 ISMS Lead Auditor
✔ Expertise in Windows & Unix/Linux
✔ IT Architect
✔ 30+ years of experience in IT
✔ 15+ years in IT/info security
✔ Fluently trilingual (English, French and Arabic)
● Available for assistance with PCI DSS initiatives implementation
Specialties: Information Security, IT/InfoSec Audits, Network Security, Vulnerability Assessments, Penetration Testing, Firewalls, Unix/Linux, Technology Pre-sales, Risk Assessments, Network Design, Solution Architecture, Security Awareness, ITSM, Virtualization, DR, BCP.