Coaching

All Posts
Leadership
Risk
Cybersecurity
Technology

Apr 24
1 min

Leadership, Business, Security and Risk Reading List

This is my list of favorite books across the various professional disciplines I’m interested in. I have a set of favorite books that are...

1,389 views

Feb 27
3 min

"Hell Yes, or No" vs. "Soft Yes, and Fast Quit"

I am a big fan of the concept of saying, “Hell Yes, or No” to decide whether to do something or not. Derek Sivers has written well about...

2,176 views

Dec 6, 2020
6 min

The Seat at the Table: Integrating Security into your Business

The success of a security program is largely determined by how well it is integrated into the fabric of the organization, in terms of...

1,555 views

Nov 29, 2020
3 min

Simple Rules of (InfoSec) Career Success - Updated

Over the years I've noted the behaviors I’ve seen from consistently successful people. In this context I define success as a balance of...

1,118 views

Nov 15, 2020
6 min

12 Step Guide on Escalating Risk and Security Issues

Escalating issues is part of the foundation of any good risk and security program. Unfortunately, human nature is such that most people...

1,295 views

Oct 10, 2020
4 min

Building Balanced Security Teams: The Rule of Thirds

As an industry we spend a lot of time talking about workforce development and skills shortages. We tend not to talk about how to organize...

1,508 views

Sep 27, 2020
5 min

The Most Important Mental Models for CISOs - Simple Steps for Outsize Effects

There are lots of problem solving techniques across many fields. These are often represented as mental models or behavioral short-cuts....

1,543 views

Aug 29, 2020
5 min

Security Budgets - Supply and Demand Thinking

How you obtain and manage a budget to drive an adequate level of security is immensely important. Yet, it is one of the least discussed...

1,619 views

Aug 22, 2020
3 min

Cybersecurity Workforce Development - Updated

It is still somewhat frustrating that most of the dialog about the skills shortage in cybersecurity focuses, perhaps inevitably, on the...

929 views

Aug 16, 2020
6 min

Tips for Running a Risk Committee

In any sizable organization it is important to have some form of management steering group or committee to oversee your risk program. The...

1,935 views

Aug 1, 2020
10 min

Cybersecurity and the Board : A Fresh Perspective?

How to represent cybersecurity (or technology / information risks more generally) to the Board is an ongoing subject of discussion in...

2,761 views

Jul 12, 2020
3 min

Security Leadership: A-grades vs. Pass/Fail

The underlying secret of most great security leaders and teams is one thing: the ability to know what needs to be done really well vs....

1,788 views

Jun 28, 2020
2 min

A Simple Manifesto for Leading Security and Risk Teams

I’ve been using variants of these principles for many years in many contexts, both for security and broader risk management teams. I have...

1,915 views

Jun 21, 2020
6 min

A Security Professionals Guide to Dealing with Disagreement

Disagreement arises in many situations. It is an inevitable part of any work in any organization, or life in general. It is especially...

2,733 views

May 24, 2020
6 min

Resilience is about Capabilities not Plans

Resilience can be thought of as the ability to absorb shocks, adjust as needed and continue operation in the face of adversity. In other...

1,378 views

Mar 22, 2020
2 min

Selling into a Crisis (Rights and Wrongs)

It can be irritating to receive e-mails from vendors during a time of crisis, like now, with the spin that their products can help. It is...

8,230 views

Dec 15, 2019
1 min

Non-Technical Books. Recommended List

For some reason, first at a TAG_Cyber event and then coincidentally at 2 other events, the question of what books security people should...

295 views

Dec 7, 2019
3 min

The Art of Influencing

A critical measure of success for most security roles is the ability to influence. I’ve often found people think influence skills are...

344 views

Nov 17, 2019
2 min

Simple Rules of (InfoSec) Career Success

Over the years I made note of what behaviors I’ve seen from successful people. By success, I mean getting results, increase span of...

182 views

Nov 10, 2019
1 min

Shrines of Failure

I was at an event recently where one participant talked passionately about a disaster they had that they have since preserved artifacts...

609 views

{"items":["608432456bc3a10057ed72bf","603a81e6ea326b001733c4c0","5fcce46fb8b86f0017e112b2","5fc39b6a51752e00174f7b8a","5fb11c71542af80017d049cf","5f822758f5ae940017c7b670","5f7076b26f987e0017473d42","5f4a859b3eeeb9001703ec02","5f4167db3d9723001785da3d","5f3960844d62ce0017664505","5f25aa26cb2cc00018d54287","5f0b1569d9e8dd001775a228","5ef8a83cbf3c5300171e568d","5eef78b07349220017c9555e","5eca71fead670f0017b54212","5e77af7ad4b1c000174a106f","5e0fb1441d901000173e1cc6","5e0fb2bdfadb78001797e096","5e0fb925cd0005001763a9f7","5e0fba90cd0005001763ac35"],"styles":{"galleryType":"Columns","groupSize":1,"showArrows":true,"cubeImages":true,"cubeType":"fill","cubeRatio":1.3333333333333333,"isVertical":true,"gallerySize":30,"collageAmount":0,"collageDensity":0,"groupTypes":"1","oneRow":false,"imageMargin":32,"galleryMargin":0,"scatter":0,"rotatingScatter":"","chooseBestGroup":true,"smartCrop":false,"hasThumbnails":false,"enableScroll":true,"isGrid":true,"isSlider":false,"isColumns":false,"isSlideshow":false,"cropOnlyFill":false,"fixedColumns":1,"enableInfiniteScroll":true,"isRTL":false,"minItemSize":50,"rotatingGroupTypes":"","rotatingCropRatios":"","columnWidths":"","gallerySliderImageRatio":1.7777777777777777,"numberOfImagesPerRow":1,"numberOfImagesPerCol":1,"groupsPerStrip":0,"borderRadius":0,"boxShadow":0,"gridStyle":1,"mobilePanorama":false,"placeGroupsLtr":true,"viewMode":"preview","thumbnailSpacings":4,"galleryThumbnailsAlignment":"bottom","isMasonry":false,"isAutoSlideshow":false,"slideshowLoop":false,"autoSlideshowInterval":4,"bottomInfoHeight":0,"titlePlacement":"SHOW_ON_THE_RIGHT","galleryTextAlign":"center","scrollSnap":false,"itemClick":"nothing","fullscreen":true,"videoPlay":"hover","scrollAnimation":"NO_EFFECT","slideAnimation":"SCROLL","scrollDirection":0,"scrollDuration":400,"overlayAnimation":"FADE_IN","arrowsPosition":0,"arrowsSize":23,"watermarkOpacity":40,"watermarkSize":40,"useWatermark":true,"watermarkDock":{"top":"auto","left":"auto","right":0,"bottom":0,"transform":"translate3d(0,0,0)"},"loadMoreAmount":"all","defaultShowInfoExpand":1,"allowLinkExpand":true,"expandInfoPosition":0,"allowFullscreenExpand":true,"fullscreenLoop":false,"galleryAlignExpand":"left","addToCartBorderWidth":1,"addToCartButtonText":"","slideshowInfoSize":200,"playButtonForAutoSlideShow":false,"allowSlideshowCounter":false,"hoveringBehaviour":"NEVER_SHOW","thumbnailSize":120,"magicLayoutSeed":1,"imageHoverAnimation":"NO_EFFECT","imagePlacementAnimation":"NO_EFFECT","calculateTextBoxWidthMode":"PERCENT","textBoxHeight":0,"textBoxWidth":200,"textBoxWidthPercent":50,"textImageSpace":10,"textBoxBorderRadius":0,"textBoxBorderWidth":0,"loadMoreButtonText":"","loadMoreButtonBorderWidth":1,"loadMoreButtonBorderRadius":0,"imageInfoType":"ATTACHED_BACKGROUND","itemBorderWidth":1,"itemBorderRadius":0,"itemEnableShadow":false,"itemShadowBlur":20,"itemShadowDirection":135,"itemShadowSize":10,"imageLoadingMode":"BLUR","expandAnimation":"NO_EFFECT","imageQuality":90,"usmToggle":false,"usm_a":0,"usm_r":0,"usm_t":0,"videoSound":false,"videoSpeed":"1","videoLoop":true,"jsonStyleParams":"","gallerySizeType":"px","gallerySizePx":940,"allowTitle":true,"allowContextMenu":true,"textsHorizontalPadding":-30,"itemBorderColor":{"themeName":"color_12","value":"rgba(243,243,243,0.75)"},"showVideoPlayButton":true,"galleryLayout":2,"targetItemSize":940,"selectedLayout":"2|bottom|1|fill|true|0|true","layoutsVersion":2,"selectedLayoutV2":2,"isSlideshowFont":false,"externalInfoHeight":0,"externalInfoWidth":0.5},"container":{"width":940,"galleryWidth":972,"galleryHeight":0,"scrollBase":0,"height":null}}

RISK & CYBERSECURITY

Thoughts from the Field