top of page
Search
Oct 5, 20192 min read
The Stress and Joy of Security Jobs
A few months ago there was this whole thing about the stress of security roles, CISOs self-medicating, and a whole range of burn-out...
1,542 views
Sep 29, 20193 min read
Cybersecurity is not the only Technology Risk
Cybersecurity is not the only technology risk, in fact, when you total up actual losses it is likely not even the biggest risk. Although...
518 views
Sep 15, 20193 min read
Security Program Tactics
When starting or reinvigorating a security program, focus on a small number of meta-objectives that can have sustained outsize effects -...
557 views
Sep 1, 20192 min read
Vulnerability Management
I don’t see much written on vulnerability management in more holistic terms vs. patch/bug fixing. This might be ok given a lot of...
226 views
Aug 17, 20192 min read
Cybersecurity as a First Class Business Risk
I see a lot of commentary on the need to “treat cyber/info-security as a business issue not an IT issue”. The problem is it implies that...
395 views
Jul 21, 20192 min read
Fundamental Drivers of Information Security Risk
As I get older and (hopefully) wiser it has become ever more apparent that all the issues and risks we face arise from a small number of...
422 views
Jun 9, 20193 min read
The Reporting Line of Security Teams / CISOs
Having read many people’s strong-held views on this topic I thought I’d add to the mix. Despite a lot of people now inevitably thinking...
1,538 views
May 24, 20191 min read
Coding Skills and Security
I've increasingly found, with respect to coding, security has come full circle. Those of us who started in the 80's/90's had to code (or...
816 views
May 24, 20193 min read
Cybersecurity Workforce Development
It is still somewhat frustrating that most of the dialog about the skills shortage in cybersecurity focuses, perhaps inevitably, on the...
214 views
bottom of page