RISK & CYBERSECURITY

There is a plethora of sample job descriptions for security leaders that are often strictly correct but can also be uninspiring or too...

I first wrote this post back in 2021 so I thought it’s time for a revisit with an addition of a few more roles.  We talk about attackers...

For many years I’ve observed the same pattern of failure in projects, programs, issue mitigation and indeed anything that requires more...

Many security leaders, at all levels, correctly focus on having a good strategy and executing against that. However, many teams confuse...

I have a regular set of go to books both for myself and what I recommend to others at all stages in their career. Here they all are with...

Jim Collins  wrote a great little book called Turning the Flywheel  to further develop an idea introduced in his book Good to Great to...

There are organizations that seem to have disproportionately created a large number of leaders who have gone on to be CISOs or other...

I’ve given variants of this talk at a few events in 2024 and received a lot of requests for the slides and a blog post. So here we go. ...

I managed to keep up the pace of 1 post every 2 weeks throughout 2024. Just when I think I might be running out of ideas, and the backlog...

One of the most profound, yet simple, acts of leadership I personally experienced was in the days after 9/11/2001. After the terrorist...

This is the second of two posts about interviews (the first post is here ). In this one I’ll focus on interviewing candidates and the...

This is the first of two posts about interviews. In this one I’ll focus on interviewing for a role. In the next one we’ll look at how to...

We’re getting it wrong on the messaging for incentives to do security - and people are pretending it’s landing when it isn’t. There are 5...

A major success marker of great security leaders and their teams is one simple prioritization technique: the ability to know what needs...

There are many well known, so called, laws of technology. Moore’s law being particularly emblematic. Let’s look at some of them and see...

As we start out, or even when entering a new stage of our careers, we realize the need to be connected to a professional community. For...

Ever since I first became familiar with the 80/20 principle, and other circumstances marked by Pareto distributions, I began to see...

Many of us have been through several leadership transitions in our careers. It could be a new role in the same or different organization....

Thankfully I managed to keep up the pace of 1 post every 2 weeks throughout 2023. Just when I think I might be running out of ideas, and...

A critical measure of success for most security roles is the ability to influence. I’ve often found people think influence skills are...