CJ Hurd

CJ Hurd

CJ Hurd is Chief Operating Officer and SVP of the Virtual Chief Information Security Officer (CISO) program with Compass IT Compliance. CJ holds over 20 years of experience across the information technology and cybersecurity landscape. He retired from the Coast Guard in 2018 after 21 years of active-duty service, where he was named the Coast Guard's Information Security Officer of the year in 2015, 2016, and 2017, as well as being named the Department of Homeland Security’s Information Security Officer of the year in 2016. CJ holds the Certified Information Systems Security Professional (CISSP) and Certified Data Privacy Solutions Engineer (CDPSE) certifications. In his role at Compass IT Compliance, CJ leads a team of Virtual CISOs that work with organizations of all sizes and across varying industries to develop, implement, enhance, and manage their cybersecurity programs. Serving as an organization’s Virtual CISO, members of CJ’s team oversee the strategic and operational aspects of the Information Security Program as well as work to identify and remediate realized or potential security threats within an organization’s environment.

Posts by CJ Hurd

Why the ‘CISO’ in Virtual CISO Services Shouldn’t Scare You

by CJ Hurd on July 8, 2025 at 1:00 PM

vCISO Shouldn't Scare You

For many small and midsize businesses, the term Virtual CISO (or vCISO) can be a little off-putting. It sounds big, corporate, and expensive—like something built for Fortune 500 companies, not organizations with lean teams, tight budgets, and practical day-to-day needs. After all, the …

Read Story

Topics: Cybersecurity Virtual CISO

Why One-Size-Fits-All vCISO Security Programs Fall Short

by CJ Hurd on May 9, 2025 at 3:17 PM

Custom vCISO Program

When people talk about virtual Chief Information Security Officer (vCISO) services, they tend to focus on access: access to strategic guidance, access to frameworks, access to a security expert at a fraction of the cost of a full-time executive. And those benefits are real. But what d …

Read Story

Topics: Virtual CISO

What is TISAX Assessment Level 2.5 (AL 2.5)?

by CJ Hurd on January 8, 2025 at 2:21 PM

TISAX Assessment Level 2.5

In the realm of automotive and industrial information security, TISAX (Trusted Information Security Assessment Exchange) plays a vital role in standardizing security assessments among partners and suppliers. One of its unique features is the concept of assessment levels, which determi …

Read Story

Topics: Compliance Risk Assessment TISAX

Essential Elements of an Effective Virtual CISO (vCISO) Program

by CJ Hurd on October 30, 2024 at 4:32 PM

Effective vCISO Program

In today's digital world, organizations face more cyber threats than ever before. With attacks becoming increasingly complex and frequent, businesses need strong cybersecurity leadership to stay ahead. That's where a Virtual Chief Information Security Officer (vCISO) comes in—a smart …

Read Story

Topics: Compliance Risk Management Virtual CISO

Nobody Is Exempt from Vendor Security Questionnaires

by CJ Hurd on July 12, 2024 at 12:00 PM

Vendor Management

Increased supply chain and vendor breaches have underscored the critical importance of vendor security questionnaires for safeguarding organizational security. These questionnaires have emerged as essential tools for organizations to evaluate the security practices of their third-part …

Read Story

Topics: Vendor Management Virtual CISO

How Data Classification Can Combat Data Sprawl & Enhance Efficiency

by CJ Hurd on June 4, 2024 at 11:00 AM

Data Classification

Data sprawl is a pervasive issue in modern organizations, characterized by the uncontrolled and often chaotic growth of data across various systems and storage solutions. As businesses accumulate vast amounts of data, the challenges of managing, securing, and utilizing this informatio …

Read Story

Topics: Compliance Cybersecurity
1 2 3 4

See all

See all

Subscribe by email