What is the State of Your Union?

Regularly the President of the United States delivers the State of the Union address. This practice “fulfills rules in Article II, Section 3 of the U.S. Constitution, requiring the President to periodically give Congress information on the “state of the union” and recommend any measures that he believes are necessary and expedient.”. What if you […]

What’s On Your Not To Do List?

I recently posted the below on the SANS Internet Storm Center. In our craft, there are more than ample opportunities to occupy our time. There are so many things you CAN do. How can you ensure focus on the things that actually make the biggest impact? I suggest that often times you take on more work than what you are able to complete. […]

An Approach to Vulnerability Management

I recently posted the below on the SANS Internet Storm Center. No need to do anything to make your auditor happy than to purchase the most popular scanning tool No need to worry, when the scan is over and the report has been produced – you are all done No need to ever leave your cube and speak […]

Applied Lessons Learned

I recently posted the below on the SANS Internet Storm Center. What were those tough lessons learned that you will never forget and more importantly vowed to never repeat again? Especially those of you who have been in information security for many years and perhaps a member of several different teams. Consider yourself encouraged to remember those “from […]

What Signs Are You Missing?

I recently posted the below on the SANS Internet Storm Center. While recently listening to a presentation, I found my attention drawn to a metal water container at the center of the conference room table. Condensation was all around it and without ever having to interact with the container, I found there were many properties that were easily […]

CIS Critical Security Controls – Version 6.0

I recently posted the below on the SANS Internet Storm Center. Right in the middle of Cyber Security Awareness Month (CSAM), the Center for Internet Security (CIS) released Version 6.0 of the CIS Critical Security Controls for Effective Cyber Defense. This update incorporates significant changes that represent the latest technologies and threats faced by information security professionals. The most notable changes to the CIS Critical Security Controls are listed below and discussed at length […]