Open FAIR Complements Risk Management Programs
Open Factor Analysis of Information Risk (Open FAIR) from the Open Group is the industry standard for quantitative risk assessment, and the first successful methodology of this kind. Open FAIR consists...
Explaining What We Do: What’s Your Cybersecurity Elevator Pitch?
The cybersecurity elevator pitch is a key communication tool, but security pros tend to struggle with it. For example: My cousin’s son Ben is an enterprising real estate agent and golfer living on a...
DIY Access Control Pitfalls Webinar Featuring Dan Beckett
DIY access control can be problematic. Dan Beckett will be co-presenting with Axiomatics’ Gerry Gebel on: Hidden Pitfalls of Do-It-Yourself Access Control Development and How to Avoid Them Wednesday,...
Blockchain and Decentralized Identity Presentation for ISACA GWDC Chapter
Security Architects Partners’ Dan Blum will be speaking September 20, 8:30 AM, at the ISACA Greater Washington DC Chapter’s Cybersecurity and Risk Conference (Register). Here is the presentation...
The New Vulnerability and Risk Management (VRM) Paradigm: Holistic, Dynamic,...
The ability to perform effective Vulnerability Risk Management (VRM) is an important marker of IT security maturity. Why? Managing the flow of vulnerabilities in complex IT environments is a major...
FAIRCON Showcases Quantitative Risk Analysis on the Cusp of Adoption
At FAIRCON 2018, keynote speakers described FAIR as a quantitative risk analysis “movement” to change the way industry measures and manages risk. Deep, ongoing frustration in business and government...
How to Establish a Security Culture
Security culture is the set of ideas, customs, and social behaviors that impact security in an organization, both in a positive and a negative way. This is a fascinating discipline deserving of more...
Launching Rational Cybersecurity for the Business
“Rational Cybersecurity for the Business,” my upcoming book, will help business and security leaders see through misinformation, FUD, and hype. It will explain how to think about our challenging...
Network Segmentation in the Zero Trust Era
There is still a need for network segmentation in the zero trust era, but it needs to be software-defined. Otherwise, traditional network segmentation will be overwhelmed by the growing number of...
The Pros and Cons of using Blockchain in Financial Services
Webinar Title: Blockchain or Bust? The Pros and Cons of using Blockchain in Financial Services Webcast Live Date & Time: 8:00 am PST / 11:00 am EST Mar 12 2019 United States Duration: 60 mins...
RSA 2019: Has Zero Trust Become an Impediment?
RSA CEO Rohit Ghai and former Chief Strategy Officer Niloofar Razi Howe’s keynote today could have been re-titled “Standing in the Bleak Landscape of Zero Trust.” It has become an impediment, they...
Infosecurity Magazine Online Summit North America: IAM Panel on March 27
I’ll be speaking at the Infosecurity Magazine Online Summit North America on an IAM panel at 3:00 PM EST March 27. I’ll be on with Diana Kelley (Cybersecurity CTO, Microsoft) and Paul Simmonds (CEO,...
Active Directory Audit: Why and How
Why is 1:00 PM EST March 26 important? That’s when I’ll be presenting an Active Directory Audit webinar. The figure below features some of the issues I’ll be covering that motivate audit. A brief...
Helping CISOs and Board Members Communicate on Risk: A Shared Assessments...
Returning from the Shared Assessment Summit 2019 last week, I was struck by one repeated message: CISOs and Board of Directors members are still struggling to assess and communicate risk. Early in the...
Rational Cybersecurity Q2 Update
Since launching the Rational Cybersecurity for the Business book project to kick off the New Year, I’ve made great progress, completing more than 20 security leadership interviews, and drafts for 5 of...
Could a Global Reputation System Restore Trust to Business and Governance?
“A global reputation system will restore trust,” said RSA CEO Rohit Ghai during a keynote presentation I reviewed at RSA 2019. In the same way that whitelisting is more effective than blacklisting in...
Mastering Hybrid Active Directory Auditing Webinar: June 11
Hybrid Active Directory Auditing seems like a topic no one is covering – until now! Please sign up with BeyondTrust for my June 11, 2019 | 1:00 PM – 2:00 PM ET webinar to learn more. All too often...