Building a Security-Based Culture

This course will teach you how to leverage organizational change principles to develop, maintain, and measure a security-driven culture. Through hands-on instruction and a series of interactive labs and exercises, you will apply the concepts of organizational change to various security initiatives and quickly learn how to embed security into your organization’s culture. Learn about […]

How to work in ways that will make your boss take notice!

  The best career advice I ever received came from a non-tech non-cyber friend many years ago. Little did I know how well her sage advice would serve me over the last 20 years. The lesson was – Get wisdom as cheaply as you can. In this presentation, I discussed several tips and tricks that […]

Resolve to Be More Involved In Your Local Community – REVISITED

It has been five years since I published my first Diary at the SANS Internet Storm Center on the topic of getting more involved in your local community.┬áNow that January is almost over and those new year resolutions you made last month may or may not still be in place, I want to give you […]

CIS Controls Implementation Guide for Small-and Medium-Sized Enterprises

I recently posted the below on the SANS Internet Storm Center. Recently the Center for Internet Security (CIS) released the CIS Controls Implementation Guide for Small-and Medium-Sized Enterprises (SMEs). The Implementation Guide is directly mapped to the CIS Critical Security Controls and is focused on actionable steps that can be taken right now to assess and improve the cyber […]

What Can You Learn On Your Own?

I recently posted the below on the SANS Internet Storm Center. We are all privileged to work in the field of information security. We also carry the responsibility to keep current in our chosen profession. Regularly I hear from fellow colleagues who want to learn something, but do not have a training budget, feel powerless and sometimes give up. I would like to share several […]

KNOW before NO

I recently posted the below on the SANS Internet Storm Center. A good friend told me that an engaged information security professional is one who leads with the KNOW instead of the NO. This comment struck me and has resonated well for the last several years. It has encouraged me to better understand the desires of the business […]