Darren Death

CISO

ASRC Federal


Conducting Organizational Information Security Assessments

Posted on: 15 May 2019

The first step that self-help books suggest when a person wants to change is to perform a self- assessment.  By honestly looking at yourself – the good, the bad, and the ugly – you can gain the knowledge on what direction you need to travel as you attempt to maximize the program you wish to…

Must-Have Skills for CISOs: A CISOs Connect Report

Posted on: 18 Feb 2019

While cybersecurity is dynamic, there are things that are constant. These are the skills that every CISO must have to be successful, whatever the organization and industry, today and in the foreseeable future. In this latest Security Current/ CISOs Connect report, ASRC Federal’s CISO Darren Death combines previous research and his own findings to provide…

The costs of deferring important cyber decisions

Posted on: 22 Oct 2018

I was part of a conversation recently where someone stated that they were tired of all this cyber $%^t. It wasn’t the first time I heard such a sentiment expressed. It’s quite common to hear complaints about the importance placed on cybersecurity today. Unfortunately, those views ignore the rapid changes occurring in our society which are being supported…

Darren Death: Developing a business continuity plan – and sticking to it

Posted on: 01 Oct 2018

It is standard business practice for organizations to have a contingency plan after acknowledging the various threats and risks that it faces. Having a plan in place, however, is not enough. The organization must periodically update the plan, test how well it works, communicate it to stakeholders, and ensure that people have the capability to…

The Attacks of the Future

Posted on: 25 Jul 2018

What might the most damaging attacks of the future look like? The answer to the question may lie somewhere between the known patterns that attackers have established over the years, and signs that we are starting to see today. A look back It started with the sun and the moon. Solar Sunrise was discovered in…

RSA Conference 2016 Highlights – IT Security as a True Part of the Business

Posted on: 09 Mar 2016

RSA provides great opportunities for the CISO to learn in a compressed and diverse way to help further the implementation and management of their IT Security Programs. My goal this year was to look for guidance that didn’t focus on the old view of aligning the IT Security Program with the business. Mostly this message had the IT Security Program engaging in technical security with a goal of not upsetting business leaders. I was looking for sessions that…