May 173 minCrypto isn’t the Only Cyber Issue in a Post Quantum WorldLet’s assume general purpose quantum computers that can operate usefully at scale are coming. I think a reasonable timeframe is 15 years....
May 92 minThink Twice Before Switching Off Controls : Chesterton's FenceChesterton's Fence is a cautionary tale to make sure that before you change things you actually understand their purpose. This is particu...
Feb 25 minDealing with the Deluge of VendorsEveryone is deluged with approaches from product and service vendors, small and large. Even vendors struggle to keep track of who their c...
Jan 204 minOperational ResilienceThe Bank of England has recently released a sequence of consultation papers, after an earlier discussion paper, laying out a framework f...
Jan 13 minPredictions and Calls to ActionIt’s that time of year for all the predictions of what to expect for the next year, and now - the next decade. I’m generally not a fan of...
Nov 10, 20191 minShrines of Failure I was at an event recently where one participant talked passionately about a disaster they had that they have since preserved artifacts f...
Sep 1, 20192 minVulnerability ManagementI don’t see much written on vulnerability management in more holistic terms vs. patch/bug fixing. This might be ok given a lot of vulnera...
May 24, 20191 minCoding Skills and SecurityI've increasingly found, with respect to coding, security has come full circle. Those of us who started in the 80's/90's had to code (or ...
Feb 12, 20192 minTechnology - RetrospectiveIn the late 1980’s I was a developer using virtualized systems and containers, software defined networks, thin-client end points that cou...