top of page
Search
The CISO Factories: 12 Features of Organizations that Create Security LeadersÂ
There are organizations that seem to have disproportionately created a large number of leaders who have gone on to be CISOs or other...
Jan 256 min read
Â
Â
Keys to Career Success
I’ve given variants of this talk at a few events in 2024 and received a lot of requests for the slides and a blog post. So here we go. ...
Jan 115 min read
Â
Â
Top Ideas and Posts from 2024
I managed to keep up the pace of 1 post every 2 weeks throughout 2024. Just when I think I might be running out of ideas, and the backlog...
Dec 28, 20246 min read
Â
Â
Leadership: One Day at a Time, One Step at a Time
One of the most profound, yet simple, acts of leadership I personally experienced was in the days after 9/11/2001. After the terrorist...
Dec 14, 20242 min read
Â
Â
Regulatory Harmonization - Let’s Get RealÂ
Every few months some association or other learned group of professionals makes a fresh call to action for cybersecurity regulatory...
Nov 30, 20247 min read
Â
Â
Lessons in Crisis Management - Top 10 Disaster MoviesÂ
I’ve previously posted about some of the best security movies made  but I have to confess I’m not a big fan of the genre. They tend not...
Nov 16, 20243 min read
Â
Â
Risk Appetite and Risk Tolerance - A Practical Approach
If you work for a large organization, especially public or otherwise regulated companies, then you may well have faced the prospect of...
Nov 2, 202413 min read
Â
Â
Threat Hunting: Real World vs. Cyber World
It’s puzzling that there aren’t more articles comparing and contrasting wildlife hunting techniques with cyber threat hunting, or maybe...
Oct 19, 20247 min read
Â
Â
Job Interviews: Part 2 Conducting the Security Interview - The Big 10
This is the second of two posts about interviews (the first post is here ). In this one I’ll focus on interviewing candidates and the...
Oct 5, 202417 min read
Â
Â
Job Interviews: Part 1 Acing the Security Interview - 10 Top Tips
This is the first of two posts about interviews. In this one I’ll focus on interviewing for a role. In the next one we’ll look at how to...
Sep 21, 202411 min read
Â
Â
6 Truths of Cyber Risk Quantification
I wrote the original version of this post over 4 years ago. In revisiting this it is interesting to note that not much has actually...
Sep 7, 20248 min read
Â
Â
Ethics and Computer Security Research
If we are to keep advancing the fields of information / cybersecurity, technology risk management and resilience then we need to apply...
Aug 24, 20246 min read
Â
Â
bottom of page