Skip to the main content.
Under Attack? Login
Under Attack? Login
Managed Extended Detection & Response
Layered cybersecurity controls for effective risk management and rapid response.

24/7/365 Monitoring & Alerting
Compromise Assessments
Threat Hunting
Vulnerability Management

Book MXDR Demo

Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Resources

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Company

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

2 min read

ISO Interview with Brad Schrack

Picture of Kim Buckley Kim Buckley Dec 7, 2022 10:30:00 AM

Security Awareness

The role of Information Security Officer at any company, especially Ingalls Information Security, is critical to mitigating risk and security threats. We interviewed our new ISO Brad Schrack to learn about his professional experience and what he likes best about working in cybersecurity.

Information Security is  a critical concern for companies in just about every industry. Threats to the security of data are increasing and data breaches are becoming more common and there is a critical need for someone in a company or organization to be responsible for security. It is also important to have a dedicated role be responsible for making security decisions and educating the management team on risks. However, few companies have a dedicated ISO who is responsible for security within the organization. 

The Information Security Officer (ISO) for any company or organization has the important task of mitigating risk from various security threats and data breaches. The main responsibilities of an ISO is to oversee information security, cybersecurity, and IT risk management programs based on industry-accepted information and risk management frameworks.

At Ingalls Information Security we take security very seriously for not only our clients and customers, but internally for our organization as well. We took a few minutes to chat with our new ISO Brad Schrack about the role, his professional experience, and what he likes best about the cybersecurity industry.

 

Tell us a bit about your professional background. 

Brad Schrack: I am a United States Air Force Veteran, who served as an OPSEC/Intelligence Analyst for 12 years.  I have had a diverse career working  as a consultant and DoD contractor for over 22 years now.  I have filled many roles to include; Corporate Compliance officer of a large Non-profit organization and the Information Security Officer of a large Alaskan Native Corporation.  This has allowed me to gain  experience in multiple frameworks and multiple Laws to include DoD, HIPAA, PCI, NIST and others.

 

What is your role at Ingalls on the Government Programs team?

I fill the Sr. Information Analyst role, primarily working our CMMC program and ATO/RMF consulting support.  I am also the Information System Security Manager (ISSM) for CSAR.

 

The ISO role can look a little different depending on a company’s security needs. At Ingalls, what does an ISO do? 

The ISO at Ingalls is responsible for overseeing and managing the Information Security activities of the organization to include but not limited to:

  • Chairs the Information Security Steering Committee
  • Oversees the Ingalls’ SOC 2 Type 2 compliance
  • Manages Implementation of Cybersecurity Maturity Model 
  • Manages Information security policies
  • Updates and communicates to Senior leadership state of the program

 


What do you like best about the cybersecurity industry?

There are always new challenges and opportunities to improve, you never stop learning in this industry.  Also there is room for both Technical and Management centered people and in fact it takes both to have a successful Cybersecurity program. 
Subscribe to Network Security News