Thursday, February 16, 2017

How do you take mature security operations to the masses?

In my opinion, every organization deserves a mature security operations function, regardless of the organization's size.  How can that become a reality?  Is that even a realistic expectation?  I discuss in my latest SecurityWeek piece: http://www.securityweek.com/taking-mature-security-operations-masses.  I hope you will find the piece thought provoking.

Wednesday, January 25, 2017

Hiding in Plain Sight

No one really believes in security by obscurity anymore, do they?  Sadly, some people still do, but probably for different reasons than you might expect.  I discuss this topic -- with a twist -- in my latest SecurityWeek piece: http://www.securityweek.com/hiding-plain-sight-why-your-organization-cant-rely-security-obscurity.  Hope you enjoy.

Friday, January 13, 2017

20 Questions Security Professionals Should Ask Ourselves

This month, like the previous several months, brings with it the latest installment in the 20 questions series.  In this installment, I discuss 20 questions we should be asking ourselves.  Curious what I mean?  Have a look at my latest piece in DarkReading: http://www.darkreading.com/endpoint/crowdsourcing-20-answers-to-security-ops-and-ir-questions/a/d-id/1327865?.

Thursday, January 5, 2017

Good Security is a Marathon, Not a Sprint

If you cut corners in security, you may be able to fool a few people in the near-term.  But in the long-term, you won't fool anyone at all.  There is elegance in simplicity, but foolishness in over-simplification (and over-complication for that matter).  Curious what I mean?  Have a look at my latest piece in SecurityWeek: http://www.securityweek.com/good-security-marathon-not-sprint.

Tuesday, December 20, 2016

20 Questions Security Pros Should Ask Themselves Before Moving To The Cloud

In my last four DarkReading pieces, I focused on 20 questions security practitioners can ask vendors across four separate markets to better understand their offering.  In my latest piece, I play 20 questions again, but with a twist.  Curious what that twist is?  Have a look at my latest in DarkReading to find out: http://www.darkreading.com/operations/20-questions-security-pros-should-ask-themselves-before-moving-to-the-cloud/a/d-id/1327748?.

Wednesday, December 14, 2016

What can the printing press teach us about security?

It's kind of an odd comparison, don't you think?  What could the printing press possibly teach us about security?  I discuss that very question in my latest piece in SecurityWeek: http://www.securityweek.com/important-security-lesson-taken-printing-press.  Hope you enjoy.

Thursday, December 1, 2016

20 Questions Smart Security Pros Should Ask About 'Intelligence'

You guessed it -- it's time to play 20 questions again.  This time, let's tackle the topic of intelligence.  My latest piece in DarkReading discusses: http://www.darkreading.com/operations/20-questions-smart-security-pros-should-ask-about-intelligence-/a/d-id/1327565.  I hope you find the piece thought provoking, helpful, and informative.