Dec 14 · 2 min read
Leadership: One Day at a Time, One Step at a Time
One of the most profound, yet simple, acts of leadership I personally experienced was in the days after 9/11/2001. After the terrorist...
646
Nov 30 · 7 min read
Regulatory Harmonization - Let’s Get Real
Every few months some association or other learned group of professionals makes a fresh call to action for cybersecurity regulatory...
1,355
Nov 16 · 3 min read
Lessons in Crisis Management - Top 10 Disaster Movies
I’ve previously posted about some of the best security movies made but I have to confess I’m not a big fan of the genre. They tend not...
624
Nov 2 · 13 min read
Risk Appetite and Risk Tolerance - A Practical Approach
If you work for a large organization, especially public or otherwise regulated companies, then you may well have faced the prospect of...
5,772
Oct 19 · 7 min read
Threat Hunting: Real World vs. Cyber World
It’s puzzling that there aren’t more articles comparing and contrasting wildlife hunting techniques with cyber threat hunting, or maybe...
1,519
Oct 5 · 17 min read
Job Interviews: Part 2 Conducting the Security Interview - The Big 10
This is the second of two posts about interviews (the first post is here). In this one I’ll focus on interviewing candidates and the...
3,722
Sep 21 · 11 min read
Job Interviews: Part 1 Acing the Security Interview - 10 Top Tips
This is the first of two posts about interviews. In this one I’ll focus on interviewing for a role. In the next one we’ll look at how to...
3,688
Sep 7 · 8 min read
6 Truths of Cyber Risk Quantification
I wrote the original version of this post over 4 years ago. In revisiting this it is interesting to note that not much has actually...
5,657
Aug 24 · 6 min read
Ethics and Computer Security Research
If we are to keep advancing the fields of information / cybersecurity, technology risk management and resilience then we need to apply...
533
Aug 10 · 16 min read
Security Training & Awareness - 10 Essential Techniques
Security training is often considered a bit of a waste of time. Maybe this is unfair, but unsurprising in the face of the worst forms of...
7,292
Jul 27 · 7 min read
33 Computer Programs That Changed the World
This is a slight departure from my normal security and risk management topics, but is something I’ve been getting more interested in....
1,994
Jul 13 · 5 min read
Why Good Security Fails: The Asymmetry of InfoSec Investment
One of the many paradoxes of security is that when you have invested appropriately (sometimes at significant expense) and you have less...
3,768