Attack Surface Management
Force 3 : Services want to be on // Central Idea: Take architectural steps to inherently reduce your attack surface - don’t just rely...
Attack Surface Management
Software Security is More than Vulnerabilities
Data Security and Data Governance
The 6 Fundamental Forces of Information Security Risk
Ceremonial Security and Cargo Cults
Simple Ways to Communicate Successes
The Uncanny Valley of Security - Updated
A New Way to Think : Review
Grand Challenges or Grind Challenges
Crucial Questions from Governments and Regulators
Crucial Questions from CISOs and Security Teams
Crucial Questions from CEOs and Boards
3 Year Review
The Reporting Line of Security Teams / CISOs - Updated
Are Security Analogies Counterproductive?
Defense in Depth
Regulatory Relationships
10 Fundamental (but really hard) Security Metrics
Resilience is about Capabilities not Plans - Updated
Human Error