Ed Moyle

Director of Thought Leadership and Research

ISACA


Evaluating the Container Security Marketplace

Posted on: 07 Jun 2016

It has been just over three years since the initial release of Docker (1.0 was released in March 2013) and adoption rates are striking – or potentially alarming depending on your organization’s…

PCI DSS 3.2: What it Means to You

Posted on: 03 May 2016

If you’re a merchant, service provider, or anyone else who stores/processes/transmits cardholder information (i.e. anyone with the PCI DSS in scope), you probably don’t need me to tell you that…

5 Security Gains During Holiday Downtime

Posted on: 16 Dec 2015

It’s the end of the year, which means that the holidays are nigh upon us.  For those of us in security, it’s a time of heightened vigilance.  We know from…

Governance 3.0: Destructive vs. Constructive Technology Adoption

Posted on: 09 Nov 2015

Have you ever heard of “destructive interference?”  In physics, this is the principle that describes the interaction of two waves in exact opposite phase. What happens when two waves are…

Risk Management: Accounting for Disruptive Security Change

Posted on: 30 Sep 2015

We don’t really think about it this way most of the time, but disruption can happen in security just like any other activity in an enterprise.  By this I mean,…

Security Talent Management: Leveraging The “Cool”

Posted on: 29 Jul 2015

I happened to watch the movie “The Duff” recently. If you haven’t seen it, it’s a 2015 teenage comedy film with a plot along the lines of “The Breakfast Club”…

3 Steps You Can Take to Prep Your Security Program for Docker

Posted on: 25 May 2015

As many security professionals may already know, Docker has the potential to have a significant impact on an enterprise.  Among numerous potential advantages, it can increase data center allocation density, the…

Analyzing InfoSec Opportunity Costs

Posted on: 21 Apr 2015

There are a number of lessons that we in security can learn from the world of economics.  This isn’t an original observation on my part: in fact, there are a…

The DHS SWAMP: What It Is and What It Means for Practitioners

Posted on: 19 Feb 2015

I know it might sound sort of corny but whenever I think of the Department of Homeland Security (DHS) “SWAMP” program (the Software Assurance Marketplace) my mind immediately goes to The Empire…

Planning Security: 3 Things to Look for in 2015

Posted on: 19 Jan 2015

Well, the New Year is upon us. Which for most of us means a few things: taking stock of the year that’s just passed, deciding what we can do better…