Why should you always answer a question with a question? Why not? Curious why I'm asking? Have a look at my most recent SecurityWeek piece entitled "Always Answer a Question with a Question": http://www.securityweek.com/always-answer-question-question. In security, the question is often times more important than the answer.
Monday, December 29, 2014
Monday, December 15, 2014
Do you practice spear alerting? Curious what that means? Give my latest SecurityWeek piece a read to see what spear alerting is all about: http://www.securityweek.com/spear-alerting-improving-efficiency-security-operations-and-incident-response. I hope you enjoy the piece, and I invite your feedback and thoughts as always.
Saturday, December 13, 2014
To insource or outsource? To host in the cloud or on-premises? Those are sometimes difficult questions to answer, particularly when it comes to technology and product in support of information security. I've put together some thoughts to help with the decision making process in my next piece for The Business Journals entitled "Creating the right mix of cloud and on-premises tech systems": http://www.bizjournals.com/bizjournals/how-to/technology/2014/12/interesting-way-to-communicate-with-your-assistant.html.
Tuesday, December 2, 2014
When discussing the effectiveness or maturity of a security program, budget is one of the criteria most often mentioned. Does it make sense to evaluate security in terms of budget? Further, is budget necessarily a good way to measure a security program? My thoughts on this topic are in my latest SecurityWeek piece entitled "Is Budget A Good Security Metric?": http://www.securityweek.com/budget-good-security-metric.