Using Metrics to Improve Your Security Program – Part 2
In my previous article, I tried to cover why metrics are an important part of your security program and some of my beliefs about how metrics should be created and…
DetailsIn my previous article, I tried to cover why metrics are an important part of your security program and some of my beliefs about how metrics should be created and…
DetailsSo…you are responsible for the computer security of your organization. You probably have many great ideas on how to do this. You start looking around for products and services to…
DetailsFor the third straight year, Drs. Daniel Solove and Paul Schwartz held their Privacy and Security Forum at George Washington University Law School. For the third straight year I attended…
DetailsBlockchain has the potential to be one of the most disruptive technologies since the invention of the Internet. There is an entire class of problems with distributed reconciliation of data…
DetailsAs business functions move to the cloud, it’s imperative to retain visibility into who is connecting to cloud applications, what they are doing, and what devices they are using to…
DetailsThere are many skilled and intelligent people who aspire to become a Chief Information Security Officer (CISO). I have some career advice for them: Don’t aspire to be a CISO.…
DetailsI have gone back and forth for a long time. Should security be risk-centric or data-centric. Outside of security professionals, you sometimes meet people who believe security should be compliance-centric…
DetailsCISO Security professionals feel no great joy in being right about patching. The past two months have been a period of “I told you so” moments for anyone who has…
Details“We drive into the future looking into our rear view mirrors” Marshall McLuhan (The views expressed in this article are entirely my own do not reflect the position of my employer…
DetailsCISOs are often in a situation where the CEO or a Board member asks them, “Just how secure are we?” Or “Are we secure enough?” These questions sound simple, but…
DetailsTo Michael Mangold, the CISO of rural lifestyle retailer Tractor Supply Company, located outside Nashville, Tennessee, the most important skills for a CISO are not only technical. While his background…
DetailsRecently, I posted a picture of a mind-map that I created just called “The Map of Cybersecurity Domains (v1.0).” The map was put together as a way to clear my head…
Details