This is disappointing.

I imagine a lot of companies will just blacklist email addresses using at private dot icloud dot com.

https://techcrunch.com/2026/06/16/apple-plans-to-change-its-hide-my-email-privacy-feature-that-could-make-it-less-effective/

Received physical mail from my dentist and opened it thinking it was just some discrepancy in what I paid vs owe from my last visit.

Instead, it was a data breach notification.

Maybe it's because it's still early in the morning, but that's literally the last thing I thought it would be.

Have you ever wondered what's included in the SOC reports I've spent a large portion of my career working on for clients?

No?

Well, I don't believe you. Actually, I do. 😀

Still, if interested, the latest update to my new GRC blog provides a general overview of the different sections included in an SOC 1 report.

https://zalovogrc.com/2026/06/17/soc-report-structure-overview/

Hi Everyone - Long time reader, first time poster on InfoSec.Exchange. That’s a lie, this is really my 2ⁿᵈ post.

I’ve been out of work for about 6 months now. This is the 3ʳᵈ time I’ve had what I like to refer to as a mid-life retirement either forced or by choice. However, that’s not what this post is really about. Rather than just sitting back submitting applications into the abyss, I’ve decided to take a stab at writing about GRC topics to stay engaged and figured this would be a good group to help with the endeavor.

As I get started, the topics will mostly be about SOC 1 and 2 examinations, where I have the most experience, but will also try writing "opinion" type pieces about current events in the GRC/tech space.

I'd appreciate your thoughts/opinions - because we all have one - on not just the post topics, but the site itself.

Note that I’m not a “writer” outside of being able to write. I feel the need to say this too… the posts will be my words, using my vocabulary, with extremely limited or no use of AI.

https://zalovogrc.com/