CIS Controls Inspire Law Graduate
Law Graduate Finds Inspiration with CIS Controls for Vendor Assessments
Recently CIS had a conversation with Jamal Hartenstein, who has combined his two passions - cybersecurity and the law - into a specialized law practice. As a liaison between IT and legal groups, Mr. Hartenstein became aware of the CIS Controls through his employer’s CISO. Reading the California Attorney General’s report, he learned the CIS Controls are now considered a reasonable standard of care in the State of California for securing business information. He recognized a unique business opportunity to leverage his many years of experience as an IT professional, and his law degree, to find ways to help businesses validate their compliance with the CIS Controls and also protect them in the event of litigation.
Mr. Hartenstein is a highly skilled technical consultant with experience in data privacy, policy, and governance. He is currently working on a gap assessment of his client’s environment that will include a crosswalk of the identified security gaps to both the CIS Controls and the NIST Cybersecurity Framework. He believes it is important to have an assessment to show areas in need of improvement, as well as one that results in actionable items.
With his cybersecurity expertise and legal background, Mr. Hartenstein plans to open a cybersecurity law firm. He believes that organizations in California are likely to face increasing cybersecurity regulation and will likely be required to attest to their levels of compliance if problems arise. In those cases, he plans on using the CIS Controls as a means of assessing an organization’s security posture and providing legal services for responding to incidents that may occur.
Commitment to Cybersecurity
Mr. Hartenstein is a seasoned IT professional with multiple certifications and progressive experience in a range of security disciplines. His commitment to cybersecurity is growing and evolving to meet current trends in the cyber landscape, and he is well positioned in the Northern California business community.
About Jamal Hartenstein
Jamal Hartenstein, J.D., PMP, has 14 years of Information Technology experience. He is a graduate of the University of the Pacific – McGeorge School of Law, and served in the U.S. Army Military Intelligence Corps. He holds many certifications, and is a member of a number of respected organizations.
About the Center for Internet Security
CIS is a forward-thinking, nonprofit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. Our CIS Controls and CIS Benchmarks are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continually refined and verified by a volunteer, global community of experienced IT professionals. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for state, local, tribal and territorial government entities.