In my inbox this morning was from a fellow email subscriber and buyer of the upcoming Definitive Guide to The Agile Security System™ where he was talking about experiencing first hand the value of using SABSA attributes tailored to your stakeholders. However, he also mentioned the quite common challenge of getting people to listen to […]
Seat belts save lives, but does the CSF?
According to the WHO, the effectiveness of seat belts in worldwide studies is about 50% in avoiding the loss of life during a car crash. This is pretty concrete, and the studies have been validated since the ‘60s in some form or another, so there’s a pretty high confidence in that probability. However, our friend, […]
A security architecture lesson from 19th century midwestern housewives
Yesterday, I was having a variation of a conversation that I’ve had with loads of security leaders and architects in various parts of the world over the years, and it’s a conversation that centers around how to “find the time” to be more strategic in your security architecture efforts. There’s a couple of things at […]
Ever wanted a SABSA vocabulary for the CIS20?
It seems like you can’t swing a cat without bumping into the CIS20 when you talk to people about their security programs. It’s one of the things that comes up far more often than ISO 27000, and even more often than the NIST CSF, but that seems to be changing a little. I have to […]
