About the Author


Marlon Bermudez is a seasoned security professional and entrepreneur. At the age of nineteen, he established his own IT company through which he helped small business owners and end-users with their technology needs. As a consultant, he proposed and implemented technology to support business needs and growth. While he enjoyed having a successful business, five years later, he decided to join a Managed Service Provider to be able to help small businesses on a larger scale. He has been working full time to help small and midsize businesses since 2012 as a Senior Network/Systems Engineer; since 2013 as a HIPAA Security Officer; 2017-2020 as an Information Security Manager, and since 2020 as Vice President of Information Security.

His experience expands well beyond the technical role; into leadership, management, operations, and cyber-security. He earned his Master of Science degree in Cybersecurity (Sacred Heart University, Fairfield, CT) with a 4.0 GPA. While pursuing a graduate degree and holding a full-time job, he obtained numerous certifications and qualifications that demonstrate his knowledge and experience in the Information Technology and Information Security fields, e.g., Certified Information Security Manager (CISM), Certified Information Security Professional (CISSP); ISC2 Systems Security Certified Professional (SSCP); EC-Council Certified Ethical Hacker (CEH); Microsoft Certified Solutions Expert (MCSE); Cisco CCNA Security; Citrix VCA; and CompTIA A+, Linux+, Security+. Bermudez’s passion for cybersecurity and his commitment to helping small and midsize businesses have led him to write this book to help organizations protect themselves. The following is a summary of his academic and professional accomplishments.


About the Book

This book will expand on the NIST Cyber Security Framework subcategories and informative references to help small businesses with its implementation. Topics covered in this book include:

• Reference to NIST Cybersecurity Framework (CSF)
• Legal and Regulatory Compliance: HIPAA, PCI, GLBA, SOX, etc.
• A walkthrough on how to implement the NIST CSF subcategories, and possible products and services options to address your Cybersecurity needs and requirements.