As a hiring manager, how does someone make a person go through three video interviews, do two coding assignments, be so impressed with the coding that they then fly the person up for in-person interviews, and only then decide the coding skills aren’t exactly what they are looking for?!?
Photo by Hal Gatewood on Unsplash It’s hard to believe it’s been a year already. Twelve months ago, I took the leap and decided that it was time to start my own blog, …
Honored to have had the privilege to write the forward to the third book of Morey Haber‘s trilogy of enterprise attack vectors. This installment, written with Darran Rolls, discusses the …
This is an abbreviated version of my Identity Catechism piece that I wrote in early 2019. This piece focuses on the three key topics to focus on when planning and …
Overwhelmingly, there is one question about cybersecurity I am asked far more than any other. What’s the best solution I’ve used? Nope. What’s my favorite conference to attend? Negative. How …
After countless years of presenting to boards, executives, and colleagues, I’ve found that I’ve developed almost a split-personality when I’m asked about what metrics to track.
This is an interview with George Hulme is an internationally recognized writer who has been covering the technology and information security space for more than 20 years, with pieces appearing …
I’ve had just about enough of the fear mongering and lazy ‘reporting’ that’s been in the press recently around how two-factor authentication is broken. I’m not sure about you, but …
For a number of years, I’ve had the honor of participating on the T.E.N. ISE® Sales and Marketing Breakfast panel at RSA. This year’s panel included some of my most …
A Q&A with John Masserini, CISO at Millicom Telecommunications This Merritt Group blog is part of an ongoing Q&A series with CISOs on preferred marketing and sales techniques, leading up …
In my previous post, ‘My Three Wishes for 2019’, I had wished that we all find a way to give back to the industry, even a little bit. In an …
It’s the end of the year and like all of you, my news feed has been filled with ‘Predictions for 2019’ to such a point that I basically ignore them. …
The Authentication Maturity Stack
On this episode of Cyber Security Business, we sit down with John Masserini, CISO, Millicom, to discuss identity and access management in the current security environment. Excerpt: Kevin West: Welcome to …
In 1998, the US passed The Digital Millennium Copyright Act (DMCA) in an effort to enact several of the requirements of World Intellectual Property Organization (WIPO). DMCA makes it a …
The evolution is underway. Our infrastructures are borderless, our critical data is cloud-based, and our users work from anyplace on the globe – or 36,000 feet above it. Our legacy …
Developing clear, well defined cybersecurity metrics are necessary for the business lines to understand the risk they face. Therefore, it is often a challenge because technical risk doesn’t always relate …
Recently, while attending a conference in DC, I was part of a discussion around the new NIST Digital Identity Guidelines (SP 800-63) and how “…it turned the password world upside …
I’m posting this for two reasons. First, it’s a great read for security vendor’s salespeople. You need to memorize these rules. Secondly, and I have to be honest, I’m pretty …
Diversitydi·ver·si·ty | \də-ˈvər-sə-tē, dī-\ Definition of diversity 1 : the condition of having or being composed of differing elements : the inclusion of different types of people (such as people …
Truly honored to be a featured CISO in the Klogix Profiles in Confidence magazine. Feats of Strength is a business-focused information security magazine created by K logix. They provide a platform for a diverse …
Honored to be included in this multi-topic whitepaper on how to manage risk throughout the enterprise by partnering with your business lines. In this special Risk Management report by Ethisphere and …
An interview with Radware around identifying cybersecurity talent in unexpected places within your enterprise. Companies are scrambling to fill cybersecurity positions. Some 41 percent of CIOs surveyed by recruiting firm …
An interview with SecurityWeek around how FUD permeates the cybersecurity industry and how security vendors use it to sell unnecessary products. Increasingly, vendors have come under scrutiny with the never …
TechTarget interview around aligning Crisis Management and Business Continuity with the control structures of the organization. All CISOs have responsibilities and pressures that make the job fun, interesting and sometimes …
