Thursday, January 28, 2016

What is the Real Cost of "Good Enough" Security?

What is the real cost of good enough security?  It's an interesting question, isn't it?  My thoughts in my latest SecurityWeek piece: http://www.securityweek.com/what-real-cost-good-enough-security.  Hope you enjoy.

Careers In Infosec: Don't Be Fooled By The Credential Alphabet

What is the relationship between professional certifications, university degrees, and the qualifications of a candidate?  Given the talent shortage in information security, how can we identify and recruit talent that may not have the prior security experience we were hoping for?  I discuss these topics in my latest DarkReading piece: http://www.darkreading.com/careers-and-people/careers-in-infosec-dont-be-fooled-by-the-credential-alphabet/a/d-id/1324066?.

Friday, January 8, 2016

Relationships: Critical to the Security Posture of Your Organization

What is the value of relationships in the security profession?  Simply put, it is far greater than some people realize.  My thoughts on this topic in my latest piece in SecurityWeek: http://www.securityweek.com/relationships-critical-security-posture-your-organization.

Thursday, January 7, 2016

The Matrix Reloaded: Security Goals vs. Operational Requirements

There is no shortage of hype in the information security world.  But how can an organization cut through the hype to identify the people, process, and technology necessary for them to improve their security posture?  My latest piece in DarkReading discusses an approach: http://www.darkreading.com/attacks-breaches/the-matrix-reloaded-security-goals-v-operational-requirements/a/d-id/1323796?.