Yesterday, I was having a variation of a conversation that I’ve had with loads of security leaders and architects in various parts of the world over the years, and it’s a conversation that centers around how to “find the time” to be more strategic in your security architecture efforts. There’s a couple of things at […]
Don’t be the hungry security puppy
Have you ever been really focused on something, and no matter what you did, you didn’t seem to get any closer to it? I mean, damn it! It’s right…there. But I can’t get it. I mean, I want it. I know I want it, but…nope. Maybe if I just tried this… This scene was pretty-much […]
Ever wanted a SABSA vocabulary for the CIS20?
It seems like you can’t swing a cat without bumping into the CIS20 when you talk to people about their security programs. It’s one of the things that comes up far more often than ISO 27000, and even more often than the NIST CSF, but that seems to be changing a little. I have to […]
“Just winging it” is for birds, not your security program
How much of your security control environment has been driven by, basically, “it seemed like there was a gap” or, “it seemed like a good idea” instead of being traceably linked to real business requirements? Now, how many of those controls are the same ones that the user community complains the most about? Hmmm….any correlation? […]
Avoiding being n-trouble thanks to tomorrow’s security frameworks
Back in the day when I was a wet-behind-the-ears CS student with a 14.4K modem and a NeXTcube on my desk (yes, I was very lucky, and it was a helluva upgrade from my previous Zenith Z-183 laptop), I discovered the pbmplus library. I actually don’t remember why I needed it, but it was the […]
- « Previous Page
- 1
- …
- 36
- 37
- 38
- 39
- 40
- …
- 60
- Next Page »
