Rational Cybersecurity at RSA: The Human Element
“We need to change our cyber security story from one of technical conflict – with business leaders on the sidelines – to one with users and the business as central characters.” As the author of the...
Placing Information Risk Accountability at the Right Level
When the security program struggles with an issue, bring the discussion to the people who can effect change. Bring it to the business leaders that own the risk, the policy, the resources, and the...
Waking Up to Cybersecurity’s New COVID-19 Reality
The COVID-19 pandemic is creating emergent risks and cybersecurity challenges. Chief Information Security Officers (CISOs) and other security organization leaders are on the firing line, finding...
How to Reduce Third Party Access Risk (Webcast)
Do you think your organization should be doing something differently to control third party access risk? If so, please register for my webcast on April 16! Title: How to Reduce Third Party Access Risk...
Don’t Press Pause on Security Architecture During the COVID-19 Shutdown
As the “COVID-19 shutdown” pushes businesses into what I call “forced digitalization” – with everyone teleworking – it could be easy for IT and security professionals to become all-consumed by basic...
Fifty Keys to Cybersecurity-Business Alignment
My book, Rational Cybersecurity for Business: The Security Leader’s Guide to Business Alignment contains 50 Keys to Alignment that accentuate the guidance. I’m writing about these keys in a “50 keys”...
How to Define Security for Your Business
Could it be that a simple misunderstanding of what cybersecurity means is creating much of the disconnect between business and security leaders that often makes security programs ineffective? According...
Where Should the CISO Report?
When the CISO doesn’t report at the right level of an organization, misalignment between security, IT, the business, and the larger public ecosystems it serves will surely result. Such misalignment...
Don’t be Doctor NO: New Book Helps Balance Restrictive Cybersecurity with...
Balancing what we’d like to do from the pure security control perspective with the need to align solutions with the business is a recurring theme in my book, Rational Cybersecurity for Business. The...
Enterprise Cloud Security: Defending the Digital Lifeline (Webcast)
Do you think your organization has issues with credentials or privileges as cloud adoption grows amidst COVID-19? If so, please register for my webcast on July 9! Title: Enterprise Cloud Security:...
Cleaning up Risk and Technical Debt in the Wake of the Pandemic
IT staff and developers have had to rework many business processes and applications to operate entirely online. When they make quick fixes, technical teams tend to cut corners. They remove firewall...
Going the Extra Mile for Rational Cybersecurity
Successful security leaders don’t quit in the face of obstacles. They go the extra mile for their security program and understand that cybersecurity isn’t just a technical problem. It’s a people and...
At Long Last Rational Cybersecurity Publishes!
I’m so excited to finally announce that “Rational Cybersecurity for Business: The Security Leaders’ Guide to Business Alignment” is live. You can now buy a paperback, or get a complimentary digital...
Defending the Digital Election Infrastructure
Someday we’ll conduct elections fully online, but to do that we’ll require a more secure digital election infrastructure. As the U.S. 2020 election process ramps up, technology plays an increasing...
The Expanding Universe of Privileges: Why Cloud PAM Matters (Webcast)
Would you like to learn how Privileged Account Management (PAM) systems should cover cloud environments? If so, please register for my September 17 webinar! Title: The Expanding Universe of Privileges:...
5 Tips for Deploying Cloud PAM
Privileged account management for the cloud (cloud PAM) is at long last becoming easier to deploy. To see why, check out my September 17 webinar for BeyondTrust – The Expanding Universe of Privileges:...
Pathways to Unified Endpoint Management (UEM)
Would you like to learn more about Unified Endpoint Management (UEM) – and of course security – strategies? If so, please register for my November 12 webinar! Title: Pathways to Unified Endpoint Management...
Working Together to Create the Future of Security Architecture
The world really needs to take security architecture more seriously! If physical buildings were anything like security systems (experiencing a major breach practically every month), the news would be...
What we Can Learn from the SolarWinds Supply Chain Breach
How could elite security vendor and incident responder FireEye so easily succumb to Solorigate, a state-sponsored supply chain breach of unparalleled magnitude? You should be asking yourselves this...
Which is Easier: Aligning Business to Security, or Security to Business?
Which is Easier: Getting Businesspeople to think in terms of Security, or getting Security Teams to think in terms of Business? While security leaders should work both angles, I say the correct answer to...