CSNP: How Working From Home Is Changing The Business Environment
I recently had a wonderful opportunity to sit in on a panel discussing how the pandemic is going to change the way security practitioners think about protecting their organizations.
I recently had a wonderful opportunity to sit in on a panel discussing how the pandemic is going to change the way security practitioners think about protecting their organizations.
I had the honor of participating in the LinkedIn Live event on some of the scarest things I have ever heard from my security team.
I had an opportunity to reflect on what is takes to be a CISO, how I got here, and where I think the industry is heading.
{JJM} Great report by Tessian on the economic benefits of diversity in the cyber-workforce.
The Weekly Hotwash: The demise of SHA-1 is a road sign on the deterioration of security controls and how embedded open-source unknowingly introduces risk.
The Weekly Hotwash: How a study of pandemic statistical reporting can help you develop better security metrics.
The Weekly Hotwash: The CISSP vs Masters firestorm and revisiting the secure application development process.
The Weekly Hotwash: Why the hiring process is more to blame than the lack of InfoSec resources and the new NIST Secure Software Development Standards
A recent interview I did with SearchSecurity/TechTarget. While much was about the benefits and love of the job, the ‘job churn’ and ‘burnout’ discussions are front and center in the industry these days.
A few tried-and-true practices to keep you productive and sane while spending an unexpected few weeks in the home office.
As a hiring manager, how does someone make a person go through three video interviews, do two coding assignments, be so impressed with the coding that they then fly the person up for in-person interviews, and only then decide the coding skills aren’t exactly what they are looking for?!?
Overwhelmingly, there is one question about cybersecurity I am asked far more than any other. What’s the best solution I’ve used? Nope. What’s my favorite conference to attend? Negative. How …
After countless years of presenting to boards, executives, and colleagues, I’ve found that I’ve developed almost a split-personality when I’m asked about what metrics to track.
In my previous post, ‘My Three Wishes for 2019’, I had wished that we all find a way to give back to the industry, even a little bit. In an …
Developing clear, well defined cybersecurity metrics are necessary for the business lines to understand the risk they face. Therefore, it is often a challenge because technical risk doesn’t always relate …
Diversitydi·ver·si·ty | \də-ˈvər-sə-tē, dī-\ Definition of diversity 1 : the condition of having or being composed of differing elements : the inclusion of different types of people (such as people …
Honored to be included in this multi-topic whitepaper on how to manage risk throughout the enterprise by partnering with your business lines. In this special Risk Management report by Ethisphere and …
An interview with Radware around identifying cybersecurity talent in unexpected places within your enterprise. Companies are scrambling to fill cybersecurity positions. Some 41 percent of CIOs surveyed by recruiting firm …
An interview with SecurityWeek around how FUD permeates the cybersecurity industry and how security vendors use it to sell unnecessary products. Increasingly, vendors have come under scrutiny with the never …
An interview with CSOonline around the hiring challenges the security industry continues to face. New U.S. Attorney General Jeff Sessions may disagree about whether there is a shortage of skilled …
I recently had the honor of participating in an IBM/International Consortium of Minority Cybersecurity Professionals (ICMCP) event in Manhattan. This is coverage of the panel I was on which discussed …
The MIAX Security team was honored to be a case study on deploying a real-world, fully integrated Privileged Access Management solution. The MIAX Options Exchange needed more than a way to …
A case study on the enterprise-wide deployment of a fully integrated privileged account management solution, the potential deployment challenges, and the numerous post-deployment security and productivity benefits. Challenge: Provide Regulatory …