GreyCastle Security CEO & Senior Strategist to lead cybersecurity discussions at 2016 Rochester Cybersecurity Summit

Share Article

CEO Reg Harnish and Senior Security Strategist Keith Robertson to discuss cybersecurity priorities and third-party cybersecurity risks

GreyCastle Security CEO Reg Harnish will discuss cybersecurity priorities at the Rochester Security Summit

Executives are often inundated with ‘good, bad and ugly’ cybersecurity advice... Rather than repeating the same advice over and over, I’ve designed my session to get their attention, while taking a comprehensive look at the cybersecurity advice out there.

CEO Reg Harnish and Senior Security Strategist Keith Robertson of GreyCastle Security, a leading cybersecurity consulting firm based out of Troy, NY, announced they will present at the 2016 Rochester Security Summit on October 5-6, 2016. Harnish will discuss how to best prioritize cybersecurity advice on October 5 at 11:20 a.m. while Robertson will discuss the cybersecurity risks posed by third-party contractors and vendors at 1:30 p.m.

Founded in 2006, the Rochester Security Summit is the leading IT security conference in upstate/western New York. Hosted during Cybersecurity Awareness Month, the conference brings together security, IT and higher education system professionals to educate businesses and the community on data and information system protection.

Harnish will help attendees weed through some of the best and worst cybersecurity advice businesses often receive and help decision makers set security priorities.

“Executives are often inundated with ‘good, bad and ugly’ cybersecurity advice without counsel to what is of ‘high importance,’” says Harnish. “Rather than repeating the same advice over and over, I’ve designed my session to get their attention, while taking a comprehensive look at the cybersecurity advice out there and then identifying the top priorities for different industries.”

Robertson will guide attendees through a plan for managing vendor risk, an avenue increasingly exploited by hackers.

“Hackers are always looking for backdoors into corporate networks and unfortunately, one of the easiest ways to do so is though contractors and third-party providers,” says Robertson. “What can be done? Companies must extend internal security controls externally to third-party vendors in order to reduce and manage cybersecurity risks.”

The two session descriptions are:

Harnish: Bulls(***) on Parade: Security Theater Academy Awards – Wednesday, October 5 at 11:20 a.m.
There's no shortage of bad cybersecurity advice out there. Most businesses get their security priorities from television, and it's a sold out show for "Security Theater 2016." And if it wasn't hard enough fighting through the endless fog of headlines, white papers and newsletters, even your so-called allies aren't doing you many favors. Cyber liability carriers, regulators and security vendors all have one thing in common – they all have [crappy] opinions. So what is any good cybersecurity professional to do? Celebrate! Join GreyCastle Security as we explore some of the most opportunistic, short-sighted, mindless guidance foisted upon us by mainstream media, the U.S. Government and your boss, and truly recognize those parties who have had the greatest possible negative impact on our security! It's the first annual Security Theater Academy Awards, and you're invited!

Robertson: Vendor Risk: The Back Door You Can't Leave Unlocked – Wednesday, October 5 at 1:30 p.m.
As we've seen time and time again, cybercriminals take the path of least resistance. Based on recent high-profile breaches, hackers have learned that contractors and other third-party providers can provide an opening into otherwise-secure corporate networks. You've spent time, money and energy securing your organization internally, only to leave the back door wide open. How can you extend your internal security controls to your vendors and help reduce your organization's risk? Join GreyCastle Security for an in-depth look into vendor risk management. Learn what's working, what's not, and how your organization can better manage one of the most challenging security issues facing organizations today.

GreyCastle Security focuses on managing the risks in people, processes and technology -- as opposed to simply deploying the latest hardware and software solutions. The company was founded in 2011 by an experienced team of CISOs, ISOs, security specialists and operators who recognize the need for a systematic approach to cybersecurity and has grown to include Fortune 500 and global 100 clients in 42 different states.

Members of the media interested in speaking with CEO Reg Harnish or Senior Strategist Keith Robertson can contact Liz Hilton at For more information on GreyCastle, visit

 # # #

About GreyCastle Security:
GreyCastle Security is a cybersecurity consulting firm focused on risk management, awareness and operational security. Our company was established to counter rapidly evolving cybersecurity threats and manage risks in people, processes and technology. GreyCastle Security is comprised exclusively of highly certified professionals with prior security experience in healthcare, education, retail and gaming. Our team members are all former CISOs, ISOs, security specialists and operators. We bring a client perspective to everything we do. All we do is cybersecurity -- all day, every day. We provide assessments, training, testing and response capabilities to organizations of all sizes, types and industries. We bring passionate practicality to cybersecurity. Visit us at for more information, and let GreyCastle Security redefine cybersecurity for you.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Elizabeth Hilton