Security Program Tactics - Updated
When starting or reinvigorating a security program, focus on a small number of meta-objectives that can have sustained outsize effects in...
top of page
Search
- Nov 6, 2021
- 6 min
Slipstreaming : Business Tactics for Security & Control Implementation
One of the most frequent cybersecurity binary thinking curses is that just because senior leadership in organizations won’t do every...
1,466
- Oct 22, 2021
- 4 min
Conferences and the Wider Security Eco System Culture - Toxic or Not?
This could be part of another whole series on the curse of binary thinking so please read this in that tone. In other words, I’m trying...
911
- Oct 9, 2021
- 3 min
The Leading Indicators of a Great Info/Cybersecurity Program - Updated
As we see more incidents occurring, whether ransomware, data breaches or fraud, many thoughts turn to how to know whether those we do...
4,248
- Sep 25, 2021
- 4 min
Cyber Deterrence : A Simple Perspective
Cyber deterrence is a topic that comes in and out of vogue. It is widely studied but often misunderstood. It also suffers tremendously...
1,423
- Sep 12, 2021
- 8 min
If Accounting were like Cybersecurity
It has always struck me how well the field of finance and more specifically accounting has done to standardize on its terms. This...
2,702
- Aug 27, 2021
- 3 min
Risk Management is not only about Reducing Risk - Updated
This is an update from a post of a couple of years ago prompted by some recent observations from a few different organizations. It seems...
2,816
- Aug 14, 2021
- 9 min
Risk = Hazard + Outrage
There are four major insights that, above all others, have influenced my approach to security and risk management over the past decades....
4,352
- Jul 30, 2021
- 7 min
CISO: Archeologist, Historian or Explorer?
We talk about attackers being the enemy. Sometimes we talk about insider threats. But one of our biggest enemies is pernicious...
2,163
- Jul 16, 2021
- 8 min
Cybersecurity - The Board's Perspective
How Boards, especially public company Boards, oversee cybersecurity is a crucial but difficult topic. This previous post discussed how...
8,187
- Jul 3, 2021
- 6 min
Cybersecurity and the Curse of Binary Thinking
Working in information/cybersecurity and technology risk is a fascinating and challenging career, as I’ve covered here. There is, mostly,...
23,084
- Jun 19, 2021
- 7 min
The Actual Cybersecurity Workforce Challenge
We continuously hear about the millions of unfilled cybersecurity roles, although I’ve yet to see a study that actually supports that...
5,499
bottom of page