OneZero Solutions

Excited to announce that I will be representing OneZero Solutions as an official sponsor at the upcoming Maritime Cyber Resilience Summit hosted by the Maritime Transportation System ISAC in Orlando, FL this June 23-25! In addition to exhibiting at our booth, I’ll also be speaking on a topic that continues to grow in importance across the maritime ecosystem: Vendor and Human Risk: Where Exposure Actually Happens. Modern maritime cyber incidents rarely begin with a direct attack against a port or vessel operator. Instead, disruption increasingly originates through trusted vendors, remote access pathways, operational technology dependencies, and human actions that create exploitable gaps across the maritime ecosystem. In this session, I will examine how third-party vendor compromise, insecure remote connectivity, social engineering, phishing, credential theft, and human operational behaviors are converging into one of the highest-consequence risks facing maritime organizations today. Using real-world maritime case studies, recent regulatory developments, and operational attack scenarios, attendees will gain practical insight into how cyber incidents escalate from external dependency to operational disruption, and what organizations can do to improve resilience before the next incident occurs. Looking forward to meeting maritime leaders, operators, security professionals, insurers, regulators, and technology partners focused on protecting the Maritime Transportation System (MTS). If you’re attending, let’s connect. If you are not registered yet, here is the link to get your ticket: https://lnkd.in/eS63xBqm #MaritimeCybersecurity #MTSISAC #CyberResilience #SupplyChainSecurity #VendorRisk

Last week I facilitated a two-day cyber offsite with Joe Avant, SVP Cybersecurity, Jason Gebert, Cyber Solutions Architect, and Logan Burnett, Research Analyst and co-facilitator, focused on one objective: turning what OneZero Solutions already does well into repeatable, scalable capability. The goal wasn’t to brainstorm new ideas, it was to extract delivery reality and structure it into usable Accelerators that strengthen customer conversations and proposal execution. We aligned on a single, integrated operating model for how we deliver cyber outcomes across the full lifecycle for our Federal clients...from engineering and authorization through continuous monitoring and operations. We considered our customer types, roles and responsibilities to ensure our model resonates with federal buyers, and that our narrative stays grounded in mission outcomes. We are not delivering compliance theater or tool-driven messaging. The work itself was intentionally disciplined. We defined what qualifies as reusable IP, repeatable, teachable, not person-dependent, and grounded in real delivery. We then moved quickly from discussion into structure: clear problem statements by stakeholder, consistent language, defined workflows, and outputs ready for RFI/RFP use. But just as important as the work was the environment. Getting a small, focused team offsite created the space to operate at a different level...free from the normal noise and able to stay in deep work long enough to create the desired artifacts. And the ideation wasn’t limited to the working sessions. I played a good Central Oregon host: hiking Misery Ridge at Smith Rock, fly fishing on the Metolius River, cold plunge recovery session, and time at local breweries and restaurants. That balance of high cognitive work paired with time to reset helped sustain energy, sharpen thinking, and strengthen the team dynamic in a way that simply doesn’t happen in a standard conference room setting. The takeaway: stepping away to work on the business is a force multiplier. You get better outcomes, faster alignment, stronger teams, and a clearer path to scale what you already do best.

𝗢𝗻𝗲𝗭𝗲𝗿𝗼 𝗦𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀 𝗔𝗰𝗵𝗶𝗲𝘃𝗲𝘀 𝗜𝗦𝗔𝗖𝗔 𝗔𝘂𝘁𝗵𝗼𝗿𝗶𝘇𝗲𝗱 𝗧𝗿𝗮𝗶𝗻𝗶𝗻𝗴 𝗢𝗿𝗴𝗮𝗻𝗶𝘇𝗮𝘁𝗶𝗼𝗻 𝗔𝗰𝗰𝗿𝗲𝗱𝗶𝘁𝗮𝘁𝗶𝗼𝗻 𝗳𝗼𝗿 𝗖𝗜𝗦𝗠, 𝗖𝗜𝗦𝗔, 𝗖𝗥𝗜𝗦𝗖, 𝗮𝗻𝗱 𝗖𝗚𝗘𝗜𝗧. OneZero Solutions is pleased to announce that it has been officially accredited by ISACA as an Authorized Training Organization (ATO) for four of the industry’s most respected certifications: Certified Information Security Manager (𝗖𝗜𝗦𝗠), Certified Information Systems Auditor (𝗖𝗜𝗦𝗔), Certified in Risk and Information Systems Control (𝗖𝗥𝗜𝗦𝗖), and Certified in the Governance of Enterprise IT (𝗖𝗚𝗘𝗜𝗧). This accreditation represents a significant milestone for OneZero Solutions and reinforces the organization’s commitment to delivering high-quality, practitioner-led training aligned to real-world enterprise security, audit, and risk management challenges. “Achieving ISACA ATO status is a strong validation of the quality and rigor of our training programs,” said John Christly, VP of Commercial Services at OneZero Solutions. “Our focus has always been on bridging the gap between theory and execution, equipping professionals and organizations with the knowledge and capabilities required to operate effectively.” The accreditation further enhances the capabilities of the OneZero Learning Academy, expanding its portfolio of professional education offerings designed for cybersecurity leaders, auditors, risk professionals, and executive stakeholders across regulated industries. Two of these ISACA certifications directly support organizations that must comply with Department of Defense Directive 8140 (DoD 8140), which governs workforce qualification and cybersecurity role alignment across the Defense Industrial Base and federal ecosystem. Credentials such as CISM and CISA map to key work roles within the DoD 8140 framework, helping organizations demonstrate that personnel possess the required knowledge, skills, and abilities for cybersecurity, risk management, and audit functions. OneZero Solutions will soon be announcing its ISACA focused course schedule. These training programs will be designed to support both individual certification goals and enterprise workforce development initiatives. This milestone also supports the OneZero Commercial team's broader strategy to align cybersecurity advisory services with workforce development, enabling clients to not only meet compliance requirements but also build sustainable, high-performing security and risk programs. For more information on public or private classes, please contact John Christly at  𝗷𝗼𝗵𝗻.𝗰𝗵𝗿𝗶𝘀𝘁𝗹𝘆@𝗼𝗻𝗲𝘇𝗲𝗿𝗼𝗹𝗹𝗰.𝗰𝗼𝗺