The Law Offices of Mary N. Chaney, P.L.L.C.
The Cyber Security Law Firm of Texas

Mary's Blog

The Breach Whisperer

About Mary....

Mary N. Chaney, Esq., CISSP® is a former Special Agent for the FBI where she investigated cybercrime, a seasoned corporate executive that built and operated information security teams and now a cybersecurity attorney.

As a self-described “Breach Whisperer” our firm can train your company to properly prepare for your eventual breach!

The overall goal of our firm is to use our wealth of knowledge and expertise to help support, translate and advise, Boards of Directors, CIO's, CISO's and General Counsel's on how to legally protect their company from cyber related risk.

Blog Entries


The Education Sector Continues to Struggle But Is It Because Of The Talent Gap?

See Article Here

Every single day and almost every single article I read about the challenges in cyber security is because there is a talent shortage! Even though I would like to, I won’t spend this particular blog talking about how many highly qualified minority and women professionals that I know personally in cyber that have problems finding jobs. Heck, even I have had trouble finding the appropriate job fit for me in this field!

However, what I want to talk about is this statement. “[t]here simply aren’t enough qualified cybersecurity professionals to help protect schools. On top of that, many schools don’t have enough money to even higher a cybersecurity administrator or to invest in new software or network infrastructure to improve cybersecurity.”

I read that and I paused and said to myself is it that there is a talent shortage, or is there a lack of funding to create an effective cyber security program? It would seem to me if you don't have the money to hire talent, you will never find any talent, shortage or not. No one does this job for free!

However, one of the more creative solutions, as mentioned, “two small colleges in Pennsylvania have been sharing a chief information security officer since 2013 in an effort to improve cybersecurity and cut costs.” This might work. If two (or more) schools pool their money together they can now afford to get someone to come in and create cyber security program for their schools. Of course, no two schools are the same, however, they look alike, in the sense that the threat actors targeting them are the same, the challenges with students are the same, and the data that needs to be protected is the same. It’s time for us to start thinking creatively and logically about how to solve the problem instead of the knee-jerk response of blaming it on the talent shortage!