The Action That Shook An Industry
The SEC has put the executives of SolarWinds, including the CFO and CISO, on notice. How will this impact the future of the security industry?
The Interrupt-driven Life of a CISO
The interrupt-driven life of a CISO and how stress impacts our thought process and the changes we make to how our minds work.
CSNP: How Working From Home Is Changing The Business Environment
I recently had a wonderful opportunity to sit in on a panel discussing how the pandemic is going to change the way security practitioners think about protecting their organizations.
BeyondTrust: CISO Diaries
I had the honor of participating in the LinkedIn Live event on some of the scariest things I have ever heard from my security team.
CISO 101: How to Walk & Talk Like a CISO
I had an opportunity to reflect on what it takes to be a CISO, how I got here, and where I think the industry is heading.
CISO position burnout causes high churn rate
A recent interview I did with SearchSecurity/TechTarget. While much was about the benefits and love of the job, the 'job churn' and 'burnout' discussions are front and center in the…
A Few Leadership Work-From-Home Tips
A few tried-and-true practices to keep you productive and sane while spending an unexpected few weeks in the home office.
Tech Hiring is Badly Broken
As a hiring manager, how does someone make a person go through three video interviews, do two coding assignments, be so impressed with the coding that they then fly the…
When Security Metrics Miss The Point
After countless years of presenting to boards, executives, and colleagues, I’ve found that I’ve developed almost a split-personality when I’m asked about what metrics to track.
Free NIST CSF Maturity Tool
In my previous post, ‘My Three Wishes for 2019’, I had wished that we all find a way to give back to the industry, even a little bit. In an…
The Identity Maturity Calculator
The Authentication Maturity Stack
SecurityWeek: Quest for Cybersecurity Metrics Fit for Business
Developing clear, well-defined cybersecurity metrics is necessary for the business lines to understand the risk they face. Therefore, it is often a challenge because technical risk doesn’t always relate…
Why Diversity Matters in Leadership
As I write this, it is the celebration of Alan Turing’s 106th birthday (June 23, 1912). As someone who wears their Geek Badge proudly, one has to wonder what the…
Ethisphere/Opus: Risk Management as a Team Sport
Honored to be included in this multi-topic whitepaper on how to manage risk throughout the enterprise by partnering with your business lines. In this special Risk Management report by Ethisphere and…
Radware: Places to find cybersecurity talent
An interview with Radware around identifying cybersecurity talent in unexpected places within your enterprise. Companies are scrambling to fill cybersecurity positions. Some 41 percent of CIOs surveyed by recruiting firm…
SecurityWeek: Fighting CyberSecurity FUD and Hype
An interview with SecurityWeek around how FUD permeates the cybersecurity industry and how security vendors use it to sell unnecessary products. Increasingly, vendors have come under scrutiny with the never…
CSOonline: Should security pros get special H-1B visa consideration?
An interview with CSOonline around the hiring challenges the security industry continues to face. New U.S. Attorney General Jeff Sessions may disagree about whether there is a shortage of skilled…
SC Magazine: Diversity, one key to solving cybersecurity job gap
I recently had the honor of participating in an IBM/International Consortium of Minority Cybersecurity Professionals (ICMCP) event in Manhattan. This is coverage of the panel I was on which discussed…
SC Magazine: Case study on Privileged Access
The MIAX Security team was honored to be a case study on deploying a real-world, fully integrated Privileged Access Management solution. The MIAX Options Exchange needed more than a way to…
Privileged Account Management: A BeyondTrust Case Study
A case study on the enterprise-wide deployment of a fully integrated privileged account management solution, the potential deployment challenges, and the numerous post-deployment security and productivity benefits. Challenge: Provide Regulatory…
A Perspective From The Outside
Being someone who’s spent the better part of his InfoSec career in the greater NYC area, one tends to become acutely aware of the millions of people who surround them…
Thomson Reuters: Responses To Data Security Threats At Law Firms
Recap of a panel discussion which focused on a few key data security topics and included Mike Marsilio, director of security and compliance, DTI; Mark Connelly, CISO, Thomson Reuters; Steve…
CIO Magazine: We All Work In Information Security Now
To ensure both safety and survival, we all have to recognize our personal responsibility for information security. Admiral Michael Rogers, the director of the National Security Agency, said he expects…
Technically Philly: Fears challenge ‘bring your own device’ trend
Technically Philly held a panel discussion featuring several prominent local CISOs to talk about the evolving cybersecurity industry, the challenges we face with bring your own device, and what the…
The CISO Job – Getting and Keeping It
A Politics of Information Security Webcast. Earlier this year, a panel of Chief Security Officers from some of the nation’s highest profile companies met to talk about how to get…