Henrich Slezak, CISA, is a Security Auditor and IT Security Consultant at LIFARS LLC. He is focused mainly on GRC, information security management, security auditing and risk management.
Henrich has more than 10 years of experience in information security and started as a member of the analytical department of an EU country governmental CSIRT team. He was responsible for information security auditing and implementation, and for the development of security policies, procedures, and operational materials. He also participated in training and in raising awareness among the CSIRT’s constituency. Additionally, he was involved in various incident response engagements as a team member, incident response manager, and incident response facilitator. He also represented an EU country in various expert groups in Europe, including the CSIRTs Network, the ENISA Cyber Exercises planners group, NIS Directive working groups and many others. Conducting penetration tests by social engineering (spear phishing campaigns especially) is one of his favorite entertainment activities.
Henrich is a subject matter expert on risk assessments, including the NIST Risk Management Framework for Information Systems and Organizations, NIST SP 800-30, ISO/IEC 27005:2018 and ISO 31000. Henrich holds the ISACA Certified Information Systems Auditor (CISA) certification and has experience with auditing according to ISO/IEC 27001:2013. Henrich also has experience with assessing the maturity of incident response teams according to the SIM3 model as well as CREST Cyber Security Incident Response Maturity Assessments.