<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1977396509252409&amp;ev=PageView&amp;noscript=1">

THIS FRIDAY: Free Webinar - ISO 27002 Revision

Contact a Specialist
Industry Solutions
Industry Solutions
Cloud Computing & Data Centers
Cloud Computing & Data Centers
Financial Services & Fintech
Financial Services & Fintech
Healthcare
Healthcare
Payment Card Processing
Payment Card Processing
US Government
US Government
Learning Center
Learning Center
Articles
Articles
Whitepapers
Whitepapers
Case Studies
Case Studies
Events & Live Webinars
Events & Live Webinars
On-Demand Webinars
On-Demand Webinars
Compliance Reliance
Compliance Reliance
About Us
About Us
Leadership Team
Leadership Team
Careers
Careers
Corporate Social Responsibility
Corporate Social Responsibility

Blog

The Schellman Advantage Blog

Stay up to date with the latest compliance news from the Schellman Advantage blog.

Douglas Barbin

Doug Barbin is managing principal (and co-owner) responsible for firmwide growth and service delivery including new services, sales, global expansion, technology partnerships, business development, marketing, and key client relationships. During his more than 11 years at Schellman, he has been privileged to work with many of the world's leading cloud computing, federal, FinTech, healthcare, AI, and security provider clients. Doug has more than 24 years’ experience, starting with a then Big 6 firm followed by a decade working in the cybersecurity and financial services industries. He maintains multiple CPA licenses, along with CISSP, CIPP, ISO 27001 Lead Auditor, and QSA certifications. He is very active in industry organizations and regularly speaks on commercial and government compliance and its application to cloud and other advanced technologies.

Blog Feature

Cybersecurity | FedRAMP | Federal | Government

By: Douglas Barbin
May 13th, 2021

Yesterday, on May 12th, President Biden issued the “Executive Order (EO) on Improving the Nation’s Cybersecurity.” Given that the Order features 11 sections that include both policy and general provisions among others, its 8,080 words is arguably the equivalent of multiple EOs. Such an effort is, no doubt, purposeful by the President—this is significant, and will certainly impact the security worlds of both the government itself and those companies that provide it with software and services.

Blog Feature

By: Douglas Barbin
April 28th, 2021

It All Starts with Defining Scope and Customer Commitment So your customer (or sales rep) told you that you need to conduct an external audit in order to win the business... Whether it is an ISO 27001 certification, SOC 2 examination or a FedRAMP assessment, companies are often challenged by the need to address customer requirements while ensuring a return on compliance investment.

Blog Feature

By: Douglas Barbin
May 20th, 2019

Do you need to set up an artificial intelligence ethics committee if you are using this technology? Google certainly thought it did — until it changed its mind. Of course Google is one of the leaders in this space while most other companies on the spectrum are merely experimenting with AI or using a variation of it in a vendor product. Still, though, artificial technology is quite different from other technologies and software applications given its ability to think and reason like a human. It is not understated to say there are ethical considerations with its use — even with seemingly benign business operations. Indeed, Deloitte's second annual State of AI in the Enterprise survey found that 32% of executives ranked ethical issues as a top three risk of AI, but most don't yet have specific approaches in place to address this risk.

Blog Feature

By: Douglas Barbin
April 24th, 2019

Don't let misconceptions cast a shadow over your organization's ability to get the most out of the cloud. Here are 7 cloud myths that should be relegated to history. Myths can be fun and entertaining when they involve the exploits of ancient gods and heroes. The amusement stops quickly, however, when a myth hampers IT or enterprise success.

Blog Feature

By: Douglas Barbin
March 6th, 2019

As the CIO role becomes increasingly strategic, risk aversion and a results-oriented mindset take a backseat to increasingly influence and driving organizational change.

Blog Feature

By: Douglas Barbin
February 4th, 2019

Securing the  cloud requires a  different mindset  than securing your on-prem  infrastructure Adventures in securing the cloud As cloud operations become increasingly popular, enterprises are recognizing that they require automated cloud security services to mitigate risk. But the road to automation is not always a smooth journey, or one with a distinct destination. Security experts discuss the promise and the perils of embracing automated cloud security services. Karen Epper Hoffman reports.

Blog Feature

By: Douglas Barbin
November 19th, 2018

Think you know everything about DevOps? Experts debunk five of the most common misconceptions. "DevOps" is a term that gets thrown around a lot, but sometimes even seasoned software developers don't fully grasp all of its nuances. Far more than a switch that organizations can turn on and off, DevOps is a fundamental shift in how companies think, work and innovate. Just how accurate are your DevOps beliefs and assumptions? We asked experts to weigh in on five of the most pervasive myths surrounding DevOps.

Blog Feature

By: Douglas Barbin
October 22nd, 2018

This week, I had the privilege of sitting on a panel, with Crispen Maung, the chief compliance officer at Box along with Hendrik Reese, a senior manager and GDPR practice lead from PwC’s consulting practice in Germany.  The topic for the panel was “The reality of GDPR: Learnings from the First Three Months”. We addressed a variety of topics, but I wanted to recap on some of the key takeaways from my perspective.