What Systems Keep You Effective?

I recently posted the below on the SANS Internet Storm Center. Previously I discussed What’s On Your Not To Do List as a means to remain focused on priorities. I never fear running out of work in cybersecurity. Instead, I worry that our focus does not always stay on the most critical issues. Today I want to highlight several techniques I […]

Version 7 of the CIS Controls Released

I recently posted the below on the SANS Internet Storm Center. The CIS Controls serve as a “prioritized set of actions to protect your organization and data from known cyber attack vectors.”. Embraced by several organizations as outlined in the Case Studies section, significant improvements to their cyber security programs are listed and can serve as an inspiration to consider this […]

What’s On Your Not To Do List?

I recently posted the below on the SANS Internet Storm Center. In our craft, there are more than ample opportunities to occupy our time. There are so many things you CAN do. How can you ensure focus on the things that actually make the biggest impact? I suggest that often times you take on more work than what you are able to complete. […]

Unauthorized Change Detected!

I recently posted the below on the SANS Internet Storm Center. How do you detect what has changed in your environment? Is it possible to think beyond the alerts you get from your tools and consider what changes that you absolutely need to know about when they occur? When systems in your environment move from “normal” to “abnormal”, would you […]

Applied Lessons Learned

I recently posted the below on the SANS Internet Storm Center. What were those tough lessons learned that you will never forget and more importantly vowed to never repeat again? Especially those of you who have been in information security for many years and perhaps a member of several different teams. Consider yourself encouraged to remember those “from […]

Security Awareness for Security Professionals

I recently posted the below on the SANS Internet Storm Center. During Cyber Security Awareness Month (CSAM), we develop campaigns for our coworkers that attempt to encourage them to stop clicking on links and  reusing their passwords. These are good reminders for us as information security professionals even though we focus on these topics during the other 11 months […]