Tech Layoffs: A Risky Business
Posted on: 09 Feb 2023
Amid the cascade of tech layoffs, I don’t see companies taking a conscious look at all the risk involved. Perhaps it’s time to start changing the conversation. There are a…
Board Reporting Continued: Updating the Board on IT
Posted on: 23 Dec 2022
Last week, I spoke about board reporting, and how it helps to validate our programs and give the board confidence that we’re minding the store. Today, I’d like to…
Board Reporting: Why It’s Important and How to Do It Meaningfully
Posted on: 14 Dec 2022
Board reporting is a significant element of our jobs, and it’s got to be delivered in a meaningful way. Board reporting validates your program and rationalizes your spend. If you…
The Criticality for Security Teams of Internal Marketing
Posted on: 15 Nov 2022
Marketing is not something we ordinarily associate with our jobs, but I think internal marketing is absolutely critical for technology and security teams. I’ve found that if you want…
How To Acquire and Retain A-Players Has Become A Common Challenge In Our Industry
Posted on: 08 Nov 2022
The ability to attract A-players and keep them from leaving for the next big thing depends to a large extent on the HR team. HR teams understand what they need…
Taking Security from Out of the Shadows in Organizations and Bringing it to the Forefront
Posted on: 07 Oct 2022
In many organizations, the security department is a nebulous thing. Everybody knows it’s necessary, but nobody really knows why it does what it does. It’s time to break out…
Security and IT: It’s A Cohabitation That Ought To Stop.
Posted on: 30 Sep 2022
Security is embedded in IT departments in the vast majority of shops. I think that’s a last-generation way of thinking, because security and IT have different goals. The technology…
The Department of “No.” It’s Time We Turn That Image Around.
Posted on: 23 Sep 2022
It’s our job to understand what users need, and to make sure they can do their jobs with our help. But instead, cyber security teams have won the reputation…
Can CISOs Improve The Way They Leverage Their Staff? Absolutely!
Posted on: 16 Sep 2022
When it comes to staffing in security, I think the most dangerous thing is the generalist. Generalists have a little bit of knowledge about a lot of things, but…
CISOs, Tools and Budgets
Posted on: 08 Sep 2022
CISOs need tools. But people definitely budget for too many. You need to focus on tools that provide you with four or five really key elements. No. 1 is…