What if Identity Didn’t Exist?
The concept of Identity is critical to what we do. If it didn’t exist, how would it change your approach and how would you answer the question?
Cybersecurity in the age of the pandemic
An interview with The Times (UK) around the need for an effective awareness and training program to manage the rapid growth of the remote workforce.
CSNP: How Working From Home Is Changing The Business Environment
I recently had a wonderful opportunity to sit in on a panel discussing how the pandemic is going to change the way security practitioners think about protecting their organizations.
BeyondTrust: CISO Diaries
I had the honor of participating in the LinkedIn Live event on some of the scarest things I have ever heard from my security team.
CISO 101: How to Walk & Talk Like a CISO
I had an opportunity to reflect on what is takes to be a CISO, how I got here, and where I think the industry is heading.
Ed Talks: Kicking 3rd-Party Software Risk to the Curb
Panel discussion on third-party risk. Topics included conducting software composition analysis (SCA), assessing threats and impacts, risk-rating your inventory, and selecting the right controls.
Companies Battle Another Pandemic: Skyrocketing Hacking Attempts
An interview with the Wall Street Journal around the rapid uptick in enterprise attacks seen amongst the initial weeks of the COVID-19 outbreak.
New Resource: Industry Statistics and Metrics
A collection of information security metrics and statistic resources to use when discussing the state of information security. Many of the typical suspects are here – DDoS, Ransomware, SPAM, Insider Threats, DevOps, as well as many others.
The Weekly Hotwash: July 3, 2020
The Weekly Hotwash: A new study on password entropy highlights worrying statistics on how common passwords are across the userbase.
Companies Rush to Implement Identity Systems for Remote Working
An interview with the Wall Street Journal around the need for an effective identity management solution to manage the rapid growth of the remote workforce.
The Weekly Hotwash: June 26, 2020
The Weekly Hotwash: The charade of DDOS booter service takedowns and the death toll for Adobe Flash has begun; will it be as beneficial as we hope?
The Weekly Hotwash: June 19, 2020
The Weekly Hotwash: The explosion of phishing and SPAM during 2020 is a direct attack on our users. It is time to rethink email security.
Diversity Resources to Make a Change
In holding myself accountable to my own call-to-action, I have dedicated a page to share all of the diversity-centric resources I have collected over the years. From How-To guides to sites that use lexiconic analysis of job postings to ensure they are bias-free, to awareness training tools, to volunteer organizations.
The Weekly Hotwash: June 5, 2020
The Weekly Hotwash: 5 of the top 8 threats can be mitigated with programmatic identity management. Are you considering the value such programs bring?
Dark Reading Usability Interview
An interview I did with Ericka Chickowski of DarkReading on the importance of useability of security products.
Let’s Use This Outrage to Make a Change
The outrage over the George Floyd murder is causing many to push for change. Will you use your outrage to fix the diversity issues you see every day?
The Weekly Hotwash: May 29, 2020
The Weekly Hotwash: The demise of SHA-1 is a road sign on the deterioration of security controls and how embedded open-source unknowingly introduces risk.
2020 Best New Blog – Security Bloggers Awards
Chronicles of a CISO was named 2020 Best New Blog of the Year by the Security Blogger Network
The Weekly Hotwash: May 22, 2020
The Weekly Hotwash: How a study of pandemic statistical reporting can help you develop better security metrics.
The Weekly Hotwash: May 15, 2020
The Weekly Hotwash: The CISSP vs Masters firestorm and revisiting the secure application development process.
The Weekly Hotwash: May 8, 2020
The Weekly Hotwash: Why the hiring process is more to blame than the lack of InfoSec resources and the new NIST Secure Software Development Standards
CISO position burnout causes high churn rate
A recent interview I did with SearchSecurity/TechTarget. While much was about the benefits and love of the job, the ‘job churn’ and ‘burnout’ discussions are front and center in the industry these days.
The Weekly Hotwash: May 1, 2020
A Major Step in Federated Identity Management If you have followed my blog for any amount of time, you know that I am a firm believer that user account federation …
The Weekly Hotwash: April 24, 2020
The Weekly Hotwash – A New CoaC Feature Welcome to the first CoaC Weekly Hotwash; a recap of the past week’s news and the implications the stories may have on …
Free COVID-19 Resources
This page will list various personal and family-related ‘remote’ STEM activities to participate in as well as other free offerings to help companies, individuals and families cope with their newfound way of working.