top of page
Search
Vulnerability Management
I don’t see much written on vulnerability management in more holistic terms vs. patch/bug fixing. This might be ok given a lot of...
Sep 1, 20192 min read
231
Cybersecurity as a First Class Business Risk
I see a lot of commentary on the need to “treat cyber/info-security as a business issue not an IT issue”. The problem is it implies that...
Aug 17, 20192 min read
400
Controls
Many well-known security incidents appear to have a common pattern. They are not the result of some awesome attacker capability to...
Aug 12, 20193 min read
1,066
Fundamental Drivers of Information Security Risk
As I get older and (hopefully) wiser it has become ever more apparent that all the issues and risks we face arise from a small number of...
Jul 21, 20192 min read
427
Threat Intelligence
Threat intelligence seems, at least to me, to get maligned too much. For many years I’ve found it an immensely useful element of an...
Jul 18, 20192 min read
200
The Reporting Line of Security Teams / CISOs
Having read many people’s strong-held views on this topic I thought I’d add to the mix. Despite a lot of people now inevitably thinking...
Jun 9, 20193 min read
1,544
Coding Skills and Security
I've increasingly found, with respect to coding, security has come full circle. Those of us who started in the 80's/90's had to code (or...
May 24, 20191 min read
819
Cybersecurity Workforce Development
It is still somewhat frustrating that most of the dialog about the skills shortage in cybersecurity focuses, perhaps inevitably, on the...
May 24, 20193 min read
221
Time Management
It never ceases to amaze me the opportunities and interesting work that stem from the multitude of connections that come from being...
May 14, 20191 min read
254
Technology - Retrospective
In the late 1980’s I was a developer using virtualized systems and containers, software defined networks, thin-client end points that...
Feb 12, 20192 min read
634
bottom of page