An Open Letter to Security Vendors – Part II
Partner with me… Don’t F.U.D. me In Part I, I gave you some food for thought about getting your message out there in a clean, crisp, and concise way. In…
An Open Letter to Security Vendors – Part I
It’s all about the message.. So tell me – did you hear the news?? Apparently, the rumors are indeed true.. 2015 is the year of the Security Startup. And in…
Thomson Reuters: Responses To Data Security Threats At Law Firms
Recap of a panel discussion which focused on a few key data security topics and included Mike Marsilio, director of security and compliance, DTI; Mark Connelly, CISO, Thomson Reuters; Steve…
T.E.N./ISE Success Story: John Masserini
A profile piece by the folks at T.E.N./ISE after winning the 2014 North America Information Security Project of the Year. While these days, there are countless organizations who provide networking…
Booth Babes Banned at RSA – A CSO’s View
While I was unable to attend RSA this year, after reading Chenxi Wang’s LinkedIn post on ‘Booth Babes’, I have to say… It’s about damn time. To briefly recount a…
Waters Technology: Rise of the CISO
CISOs and security executives from across the industry talk about how their role has grown in prominence in the capital markets industry. They come from different backgrounds: some have experience…
CIO Magazine: We All Work In Information Security Now
To ensure both safety and survival, we all have to recognize our personal responsibility for information security. Admiral Michael Rogers, the director of the National Security Agency, said he expects…
The Plight of Passwords
Recently, I read an article about how a CISO talked his way out of having an internal auditor write up a finding about weak passwords – which eventually led to…
BCP: The CISOs Secret Weapon
BCP. Three little letters that, unfortunately, strike mind-numbing boredom into most CIOs. The truth is, Business Continuity Planning isn’t synonymous with the excitement that is typically found in the Information…
From the War Room to the Boardroom – The true elevation of the CISO
In the aftermath of the Target breach, there has been a lot of press lately on the need for a CISO in the boardroom. The Wall Street Journal, the NY…
FUD 2.0 – Redefining the FUD factor
The time for FUD is over… Long Live FUD… I’ve been known to say that ‘I’ve been in InfoSec since before it was cool’. After twenty years of being on…
InfoSecurity Magazine: Explosion in Advanced Evasion Techniques (AET)
An interview with Info Security magazine around the maturation of advanced evasion techniques and how attackers’ abilities to evade detection have matured. With the average cost of a data breach…
Technically Philly: Fears challenge ‘bring your own device’ trend
Technically Philly held a panel discussion featuring several prominent local CISOs to talk about the evolving cybersecurity industry, the challenges we face with bring your own device, and what the…
The CISO Job – Getting and Keeping It
A Politics of Information Security Webcast Earlier this year, a panel of Chief Security Officers from some of the nation’s highest profile companies met to talk about how to get…
POA: Ensuring Privacy through Secure Enclaves
The very first piece I had published was in 2002 for the International Association of Privacy Professionals newsletter, discussing how secure enclaves would be beneficial to the privacy effort. The…