Eric Rockwell, CISSP

Eric Rockwell specializes in corporate information security, including cybersecurity.  His experience in providing IT audit, maturity assessments and on-going InfoSec governance, remediation and control design span among multiple frameworks – including National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), NIST 800-53, NIST 800-171, the Center for Internet Security (CIS) Controls, the International Standards Organization (ISO) 9001 and 27001. Eric also has experience with Sarbanes-Oxley (SOX) Act IT general control implementation and testing, Service Organization Control (SOC) report readiness and testing, information security steering committee management, leading information security policy workshops, business continuity planning (BCP) reviews and disaster recovery planning (DRP) reviews.

INDUSTRIES & FOCUS

Defense Industrial Base (DIB), Healthcare, Legal, Technology, Media & Entertainment, Life Sciences, Not-for profit, Manufacturing & Distribution, Consumer Products, Financial Institutions, SaaS and Technology organizations, Service organizations and Professional Services.

ACCOMPLISHMENTS

Prior to his affiliation with SingerLewak, Eric founded, led, grew and sold information technology and information security organizations.  Eric studied Computer Science and Political Science at the University of California San Diego.  Eric is most commonly serving clients in the capacity of outsourced Virtual Chief Information Security Officer (vCISO).

Eric is a published author, including primary author of the American Bar Association’s (ABA) Law Offices Policy and Procedures chapter on Technology and Information Security.

Eric has the following professional certifications:

• Certified Information Systems Security Professional (CISSP), ISC2
• Certified Scrum Master (CSM)

Eric is a member of the following organizations:

• Center for Internet Security (CIS)
• Information Systems Audit and Control Association (ISACA)
• ISSA