Blog

Why Can’t We Be Friends?

I recently posted the below on the SANS Internet Storm Center. Now is the time for us to play matchmaker by setting our application and operating system owners up on their first date. We could call it Stake Holder Speed Dating (SHSD). In SHSD sessions, information security professionals can intentionally facilitate a closer relationship between two critically important, […]

What Signs Are You Missing?

I recently posted the below on the SANS Internet Storm Center. While recently listening to a presentation, I found my attention drawn to a metal water container at the center of the conference room table. Condensation was all around it and without ever having to interact with the container, I found there were many properties that were easily […]

Security Awareness for Security Professionals

I recently posted the below on the SANS Internet Storm Center. During Cyber Security Awareness Month (CSAM), we develop campaigns for our coworkers that attempt to encourage them to stop clicking on links and reusing their passwords. These are good reminders for us as information security professionals even though we focus on these topics during the other 11 months […]

CIS Critical Security Controls – Version 6.0

I recently posted the below on the SANS Internet Storm Center. Right in the middle of Cyber Security Awareness Month (CSAM), the Center for Internet Security (CIS) released Version 6.0 of the CIS Critical Security Controls for Effective Cyber Defense. This update incorporates significant changes that represent the latest technologies and threats faced by information security professionals. The most notable changes to the CIS Critical Security Controls are listed below and discussed at length […]

Your Security Policy Is So Lame

I recently posted the below on the SANS Internet Storm Center. Every person should avoid lame security policies because of the lack of clarity they leave behind. Oftentimes we find ourselves forced into creating security policies due to compliance requirements. Is there a way to lean into this requirement and get value beyond the checkbox? I certainly […]

The Value of a Fresh Set Of Eyes

Ever noticed that being close to a particular problem has an inherent disadvantage? Often, working on a problem for a long time, combined with being very close to the problem, leads to a less than holistic perspective. You think about the situation as you go to bed […]