Wednesday, December 23, 2015

How can we think about the security implications of IoT?

There is much buzz about the Internet of Things (IoT) these days.  But in what framework might it make sense to think about the security implications of IoT?  I'm sure there are likely many answers to that question, but I have included a few of my own thoughts in my latest piece in The Business Journals: http://www.bizjournals.com/bizjournals/how-to/growth-strategies/2015/12/how-to-think-about-security-implications-iot.html.

Thursday, December 10, 2015

Awareness is Old News: Make 2016 The Year of Solutions

If you're like me, you get tired of hearing people sound the "cyber" alarm.  I think we're all pretty much aware that there are a number of issues and challenges we face as a security community.  Shouldn't the discussion be about what we can do to solve problems and address some of the issues and challenges we face?  My latest piece in SecurityWeek discusses: http://www.securityweek.com/awareness-old-news-make-2016-year-solutions

Wednesday, December 9, 2015

Learning to Tell Security Stories: Better Context For Better Decision Making

My latest post on the FireEye blog is up: https://www.fireeye.com/blog/products-and-services/2015/12/security-stories.html. The post discusses the idea of telling better stories to ultimately lead to better decision making.  I think you'll find it interesting, and I do hope you enjoy.

Monday, December 7, 2015

Playing It Straight: Building A Risk-Based Approach To InfoSec

What can a crooked haircut teach us about framing the discussion about organizational security goals and strategies?  I discuss this topic in my latest DarkReading piece: http://www.darkreading.com/vulnerabilities---threats/playing-it-straight-building-a-risk-based-approach-to-infosec--/a/d-id/1323441?.  Hope you enjoy the piece.