Relationship Management for the InfoSec Program
A key part of any security leader's role is relationship management. In my experience this is another one of those leadership skills that...
top of page
Search
- May 22, 2021
- 2 min
Segmentation Technologies / Zero Trust
I first came across the notion of doctrine vs. structure in this depiction about the relative positioning of tanks from some blog or...
1,389
- May 13, 2021
- 1 min
Cloud Security
In a few of my posts I've talked about the economy of scale of the cloud is fundamentally changing the game of security. The pace of...
800
- May 8, 2021
- 7 min
Is Complexity the Enemy of Security?
One of the many pieces of accepted wisdom in information/cybersecurity is that complexity is the enemy of security. But is it? You...
3,968
- Apr 24, 2021
- 1 min
Leadership, Business, Security and Risk Reading List
This is my list of favorite books across the various professional disciplines I’m interested in. I have a set of favorite books that are...
2,899
- Apr 10, 2021
- 6 min
Security Leaders Guide to Managing Stress
Security is a tough job. But it is not uniquely so. Our colleagues in risk, safety, compliance, privacy, and many other disciplines have...
2,945
- Mar 27, 2021
- 5 min
Cybersecurity : The Winner’s Game and The Loser’s Game
There is a seminal paper in finance by Charles Ellis called the The Loser’s Game which, in simple terms, foretells the move from active...
2,270
- Mar 13, 2021
- 4 min
Return on Investment for Security
The concept of return on investment (ROI) for security has bugged me for a long time. Not because it isn’t a laudable goal. Of course,...
5,358
- Feb 27, 2021
- 3 min
"Hell Yes, or No" vs. "Soft Yes, and Fast Quit"
I am a big fan of the concept of saying, “Hell Yes, or No” to decide whether to do something or not. Derek Sivers has written well about...
3,574
- Feb 13, 2021
- 4 min
Research Challenges in Info/Cybersecurity - Part 2: “Carbon”
This is the second part of the post from 2 weeks ago, which explored research challenges in Info/Cybersecurity related to systems:...
822
- Jan 30, 2021
- 5 min
Research Challenges in Info/Cybersecurity - Part 1: “Silicon"
This is the first of a two part post on research challenges centered on systems, computer science and engineering research challenges....
973
- Jan 17, 2021
- 3 min
Situational Drivers of Cyber-Risk
Many years ago I wrote down a list of the drivers that create information / cyber-risk or that otherwise compel the need to mitigate this...
2,014
bottom of page