Move Your Security Program from its Current State to a Desired State
For many organizations, it is a struggle to get from their CurrentState (CS) to their DesiredState (DS) of security. The struggle is in the planning and construction of the roadmap from CS to DS. In...
Securing Bitcoin and Virtual Currency
Virtual currency is picking up steam, and with that security issues are growing as well. While many issues with traditional internet systems (banking, credit card and fund transfer systems, etc.) are...
Data Breaches Continue Unabated
Why do organizations keep suffering from relentless massive data breaches? Weak security, executive management ambivalence, increasing hacker prowess? Maybe all of the above, but the more cogent reason...
Beyond Security: Why the Cybersecurity Industry Needs Strategic Thinkers
Recently, I sat down with my attack and penetration team (the guys that break into stuff), and I was reminiscing about the old days of penetration testing. It got me to start thinking that, as the...
Beyond Security: Part 2
Strategic vs. tactical thinking is a common misconception in security. Many security professionals believe that by completing tactical functions they are ultimately achieving strategic goals. The idea...
Beyond Security: Part 3
Once you understand the organization’s strategy, aligning security to it becomes the easy part. While there are unknowns in everything we do, we as security professionals must make assumptions when...
2014 Best Predictions for Privacy (and Security)
Each year about this time, I pull out my foggy crystal ball and prognosticate the future of Privacy and Security! For data privacy and security professionals, this year offers optimism, but with...
Building an Enterprise Open Source Intelligence (OSINT) Program
“Information is power. Do you know what the Internet says about your company?” Back in 2009 I gave a well-received talk called “Enterprise Open Source Intelligence (OSINT) Gathering” to several...
One More Data Breach: Are We Desensitized Yet?
Home Depot is reporting that it could be the point of origin for a massive credit card breach. Multiple banks, correlating compromised accounts, hint that the large home improvement retailer’s 1,977 US...
Cyber Security Concerns in the Mergers & Acquisitions Due Diligence Process
With data breaches remaining a steady concern across industries, far too many Mergers & Acquisitions teams are ignoring information security as a key piece of data for decision making. How secure...