Building a Cybersecurity Culture Are you curious about how you can be successful at building a cybersecurity culture? This course will teach you how to leverage organizational change principles to develop, maintain, and measure a security-driven culture. Through hands-on instruction, interactive labs, and exercises, you will apply organizational change concepts to various security initiatives and […]
What Assumptions Are You Making?
What Assumptions Are You Making? I used to make a lot of assumptions. I assumed I would get an alert if my security agents were not working correctly. Since no one said there was a problem with my security agents, I assumed everything would be okay. These are just a few assumptions I make daily […]
What Systems Keep You Effective?
What Systems Keep You Effective? Previously I discussed What’s On Your Not To Do List as a means to remain focused on priorities. I never fear running out of work in cybersecurity. Instead, I worry that our focus does not always stay on the most critical issues. Today I want to highlight several techniques I use to help remain effective. […]
What is the State of Your Union?
Regularly the President of the United States delivers the State of the Union address. This practice “fulfills rules in Article II, Section 3 of the U.S. Constitution, requiring the President to periodically give Congress information on the “state of the union” and recommend any measures that he believes are necessary and expedient.”. What if you […]
KNOW before NO
KNOW before NO A good friend told me an engaged information security professional leads with the KNOW instead of the NO. This comment struck me and has resonated well for the last several years. It has encouraged me to better understand the desires of the business areas in an attempt to avoid the perception of […]
Distraction as a Service
I recently posted the below on the SANS Internet Storm Center. Have you noticed that some security projects never seem to get finished? Despite the best of intentions, often times they linger, sometimes for years. I believe that distractions play a role in security projects being delayed and ultimately never being completed. If not monitored closely, nothing will […]