Curated Daily Industry News

Diversity Resources to Make a Change

2 min read
In holding myself accountable to my own call-to-action, I have dedicated a page to share all of the diversity-centric resources I have collected over the years, from how-to guides, to sites that use lexiconic analysis of job postings to ensure they are bias-free, to awareness training tools, to volunteer organizations.
Dark Reading Usability Interview

1 min read
An interview I did with Ericka Chickowski of Dark Reading on the importance of usability of security products.
Let’s Use This Outrage to Make a Change

6 min read
The outrage over the George Floyd murder is causing many to push for change. Will you use your outrage to fix the diversity issues you see every day?
2020 Best New Blog – Security Bloggers Awards

2 min read
Chronicles of a CISO was named 2020 Best New Blog of the Year by the Security Blogger Network.
CISO position burnout causes high churn rate

3 min read
A recent interview I did with SearchSecurity/TechTarget. While much was about the benefits and love of the job, the ‘job churn’ and ‘burnout’ discussions are front and center in the industry these days.
Free COVID-19 Resources

1 min read
This page will list various personal and family-related ‘remote’ STEM activities to participate in as well as other free offerings to help companies, individuals and families cope with their newfound way of working.
A Few Leadership Work-From-Home Tips

7 min read
A few tried-and-true practices to keep you productive and sane while spending an unexpected few weeks in the home office.
Tech Hiring is Badly Broken

3 min read
As a hiring manager, how does someone make a person go through three video interviews, do two coding assignments, be so impressed with the coding that they then fly the person up for in-person interviews, and only then decide the coding skills aren’t exactly what they are looking for?!?
The First Anniversary of Chronicles of a CISO

6 min read
It’s hard to believe it’s been a year already. Twelve months ago, I took the leap and decided that it was time to start my own blog, and now, here we are celebrating the 1st anniversary. Over 110,000 visits later, I am shocked, honored, and above all, humbled that this little pet project has been […]
Identity Attack Vectors, by Haber and Rolls

1 min read
Honored to have had the privilege to write the foreword to the third book of Morey Haber's trilogy of enterprise attack vectors. This installment, written with Darran Rolls, discusses the details of identity-based attacks and how to protect against them. I’ve written frequently about the necessity of adequately managing the digital identities of our enterprise […]
3 Fundamental Questions to Ask of Your Identity Program

1 min read
This is an abbreviated version of my Identity Catechism piece that I wrote in early 2019. This piece focuses on the three key topics to focus on when planning and building an Identity Management Program. While many continue to hold onto the concept of the hardened perimeter, the stark reality is that we live in […]
When Security Metrics Miss The Point

10 min read
After countless years of presenting to boards, executives, and colleagues, I’ve found that I’ve developed almost a split-personality when I’m asked about what metrics to track.
Q&A with John Masserini, Global CISO at Millicom

3 min read
This is an interview with George Hulme, an internationally recognized writer who has been covering the technology and information security space for more than 20 years, with pieces appearing in ComputerWorld, Network Computing, CSOOnline and a host of other print publications. In this Q&A we spoke with John Masserini, chief information security officer at […]
Two-factor Authentication Is Not Dead

9 min read
I’ve had just about enough of the fear mongering and lazy ‘reporting’ that’s been in the press recently around how two-factor authentication is broken. I’m not sure about you, but the way the doomsday preachers in mass media have torn apart two-factor authentication lately really has me wondering about the state of journalism anymore. I […]
RSA Sales & Marketing Panel on Relationships

4 min read
For a number of years, I’ve had the honor of participating on the T.E.N. ISE® Sales and Marketing Breakfast panel at RSA. This year’s panel included some of my most esteemed colleagues in the industry and was once again a packed house with over 100 vendor representatives. The idea behind the panel is to provide […]