Thursday, December 19, 2019

Top Ten New Year's Security Resolutions

What are some New Year's security resolutions you can make? I discuss the top ten in my latest SecurityWeek piece: https://www.securityweek.com/top-ten-new-years-security-resolutions.

Thursday, December 12, 2019

5 Tips for Keeping Your Security Team on Target

Looking for ways to keep your security team on target? I discuss five helpful tips in my latest DarkReading piece: https://www.darkreading.com/operations/5-tips-for-keeping-your-security-team-on-target-/a/d-id/1336566.

Wednesday, December 4, 2019

Making the Most of a Changing Workforce Environment

What steps can we take to ensure we make the most of a changing security environment? I discuss in my latest SecurityWeek piece: https://www.securityweek.com/making-most-changing-workforce-environment.

Monday, November 18, 2019

12 Tips for Dealing with a Manipulative Security Manager

Do you work for a toxic manager who takes advantage of you? I discuss "12 Tips for Dealing with a Manipulative Security Manager" in my latest DarkReading piece: https://www.darkreading.com/12-tips-for-dealing-with-a-manipulative-security-manager-/a/d-id/1336337.

Thursday, November 14, 2019

Navigating a Way Out of the Lion's Den Before, During, and After Incident Response

How can you navigate your way out of the lion's den before, during, and after incident response? I discuss in my latest SecurityWeek piece: https://www.securityweek.com/navigating-way-out-lions-den-during-and-after-incident-response.

Monday, October 28, 2019

Tips For Leveraging Security Metrics

How can we leverage security metrics to keep our organization's out of harm's way?  I discuss in my latest SecurityWeek piece:  https://www.securityweek.com/tips-leveraging-security-metrics.

Tuesday, October 22, 2019

Too many cooks in the security kitchen

How can we keep from having too many cooks in the security kitchen? I discuss in my latest DarkReading piece: https://www.darkreading.com/operations/keeping-too-many-cooks-out-of-the-security-kitchen-/a/d-id/1336101.

Monday, October 7, 2019

Let's get serious about security metrics

The time to get serious about security metrics is long overdue.  I discuss in my latest SecurityWeek piece: https://www.securityweek.com/lets-get-serious-about-security-metrics.  It's time to give this worthy topic its due attention.

Sunday, September 15, 2019

Taking a Fresh Look at Security Ops: 10 Tips

Maybe you love your executive team, your security processes, tools, or strategy.  Maybe you hate them.  Whatever the situation, it's likely at some point that things will have changed.  I discuss taking a fresh look at security operations in my latest DarkReading piece:  https://www.darkreading.com/risk/taking-a-fresh-look-at-security-ops-10-tips-/a/d-id/1335744?.

Thursday, September 5, 2019

What can the Segway teach us about security?

What could the Segway possibly have to do with security?  More than you might initially realize.  I discuss in my latest SecurityWeek piece: https://www.securityweek.com/what-segway-can-teach-us-about-information-security.  I'll think you'll find that the article takes you on an interesting ride.

Wednesday, August 7, 2019

Security and the Infinite Capacity to Rationalize

Better security begins with putting an end to rationalizing and replacing it with logic.  How so?  I discuss in my latest DarkReading piece: https://www.darkreading.com/threat-intelligence/security-and-the-infinite-capacity-to-rationalize-/a/d-id/1335400.

Sunday, August 4, 2019

What does summer vacation have to do with information security?

What could summer vacation possibly have to do with security?  More than you might initially realize.  I discuss in my latest SecurityWeek piece: https://www.securityweek.com/what-does-summer-vacation-have-do-information-security.  Enjoy your summer.

Sunday, July 7, 2019

20 Questions to Ask During a Real (or Manufactured) Security Crisis

There are important lessons to be learned from a crisis, even the ones that are more fiction than fact.  I discuss what questions to ask during a crisis (whether real or manufactured) in my latest SecurityWeek piece: https://www.darkreading.com/vulnerabilities---threats/20-questions-to-ask-during-a-real-(or-manufactured)-security-crisis/a/d-id/1335079.

Monday, July 1, 2019

Swimming Upstream: What the Salmon Run Teaches Us About Security

Does working in security sometimes feel like swimming upstream?  You're not alone if you think that.  I discuss in my latest SecurityWeek piece: https://www.securityweek.com/swimming-upstream-what-salmon-run-teaches-us-about-security.

Sunday, June 16, 2019

Sensory Overload: Filtering Out Cybersecurity's Noise

No organization can prioritize and mitigate hundreds of risks effectively. The secret lies in carefully filtering out the risks, policies, and processes that waste precious time and resources.  I discuss in my latest DarkReading piece: https://www.darkreading.com/threat-intelligence/sensory-overload-filtering-out-cybersecuritys-noise/a/d-id/1334907.

Thursday, June 13, 2019

Insecurity is good for security

How can insecurity bolster a security program?  Insecurity can help organizations continually learn and make changes.  I discuss in my latest SecurityWeek piece: https://www.securityweek.com/how-insecurity-can-bolster-your-security-program.

Thursday, May 30, 2019

Technology still isn't our problem

It's great to be back on the enterprise side of security after a few years on the vendor side.  Guess what?  Technology still isn't our problem in security.  I discuss in my latest SecurityWeek piece: https://www.securityweek.com/technology-not-our-problem.

Monday, May 13, 2019

How Crossword Puzzles Can Improve Your Information Security Posture

What could crossword puzzles possibly have to do with information security?  More than you might expect.  I discuss in my latest SecurityWeek piece: https://www.securityweek.com/how-crossword-puzzles-can-improve-your-information-security-posture.

The Fine Line of Feedback: 6 Tips for Talking to Security Pros

Feedback is a two-way street in terms of giving, receiving, and knowing how to give and receive.  I discuss in my latest DarkReading piece: https://www.darkreading.com/endpoint/the-fine-line-of-feedback-6-tips-for-talking-to-security-pros/a/d-id/1334596

Monday, April 22, 2019

Why is respect key for retaining top security talent?

Why is respect key for retaining top security talent?  I discuss in my latest SecurityWeek piece: https://www.securityweek.com/respect-key-retaining-top-security-talent.

Wednesday, March 27, 2019

Tuesday, March 26, 2019

Security Lessons from My Game Closet

What can board games teach us about security?  More than you might initially think.  I discuss in my latest DarkReading piece: https://www.darkreading.com/analytics/security-lessons-from-my-game-closet-/a/d-id/1334207.

Friday, March 1, 2019

Solving Security: Repetition or Redundancy?

What is the difference between repetition and redundancy?  What can that difference teach us about security?  I examine both questions in my latest DarkReading piece: https://www.darkreading.com/threat-intelligence/solving-security-repetition-or-redundancy--/a/d-id/1333983  I think you'll find the piece interesting.

Monday, February 4, 2019

What can chickpeas teach us about security?

What can chickpeas teach us about security?  More than you might think.  I discuss hummus and security in my latest DarkReading piece: https://www.darkreading.com/vulnerabilities---threats/kiss-cyber-and-the-humble-but-nourishing-chickpea-/a/d-id/1333751

Wednesday, January 23, 2019

How can idioms relate to infosec?

What do idioms have to do with infosec?  How can we learn from them in the field?  I discuss this topic in my latest SecurityWeek piece: https://www.securityweek.com/devil-you-know-how-idioms-can-relate-information-security.

Tuesday, January 8, 2019

How can confirmation bias affect security?

How can confirmation bias affect security?  More than you might be inclined to believe.  I discuss this interesting topic in my latest SecurityWeek piece: https://www.securityweek.com/confirmation-bias-and-importance-second-opinion.