Controls - Updated
I wrote the first version of this post nearly 3 years ago. It is interesting that since then much of it remains true. Oddly, it also...
Search
- Feb 12
- 18 min
Organizational Politics
At every stage in your career and in every part of your role you are going to have to deal with organizational politics. By this, I don’t...
6,772
- Jan 29
- 16 min
Secrets of Successful Security Programs - Part 2
As introduced in the last post, a successful security program is made up of two distinct elements: A series of episodic big bets that...
5,349
- Jan 15
- 11 min
Secrets of Successful Security Programs - Part 1
A successful security program (although I imagine this advice could apply to any discipline) is made up of two distinct elements: A...
9,359
- Jan 1
- 7 min
The Obvious CISO : Don’t Overlook the Simple
There is a great little book I read recently, “Obvious Adams - The Story of a Successful Businessman", it’s available on Amazon, but it’s...
1,517
- Dec 18, 2021
- 3 min
Risk Megatrends - Updated
Megatrends are long-term, large-scale forces that shape the world around us. They are the driving forces that have tactical consequences...
2,439
- Dec 4, 2021
- 8 min
How is the Security Profession Doing?
I spoke on a CIISEC panel a few months ago about the state of the information security profession. This post is based on remarks I made...
2,320
- Nov 20, 2021
- 4 min
Security Program Tactics - Updated
When starting or reinvigorating a security program, focus on a small number of meta-objectives that can have sustained outsize effects in...
2,159
- Nov 6, 2021
- 6 min
Slipstreaming : Business Tactics for Security & Control Implementation
One of the most frequent cybersecurity binary thinking curses is that just because senior leadership in organizations won’t do every...
1,355
- Oct 22, 2021
- 4 min
Conferences and the Wider Security Eco System Culture - Toxic or Not?
This could be part of another whole series on the curse of binary thinking so please read this in that tone. In other words, I’m trying...
876
- Oct 9, 2021
- 3 min
The Leading Indicators of a Great Info/Cybersecurity Program - Updated
As we see more incidents occurring, whether ransomware, data breaches or fraud, many thoughts turn to how to know whether those we do...
3,880
- Sep 25, 2021
- 4 min
Cyber Deterrence : A Simple Perspective
Cyber deterrence is a topic that comes in and out of vogue. It is widely studied but often misunderstood. It also suffers tremendously...
1,341