Risk Management Archives - Archistry

May 25, 2020

Man vs. machine: where are you going to put your faith?

Yada, yada, yada…AI…big data…security tools…ever increasing threats…AI for good and evil…keeping ahead of the bad guys…yada, yada, yada. That’s a pretty good summary of the security “news” I get in my inbox most days, but on this particular day, I was told that “advanced, AI-based security tools are the only way to plan your defense […]

May 24, 2020

Getting past the possibility (or why threat-based security will get you nowhere)

Yesterday, I was re-reading the FAIR book, Measuring and Managing Information Risk: A FAIR Approach, and something jumped out at me that I’d forgotten the first time I’d read it. The notion of getting hooked on the possibility of an event. Of course, the FAIR book poo-poos all over the qualitative risk assessment – and, […]

May 23, 2020

Boys, wolves and Chicken Little

Folktales and fables are ways to make sure we learn life’s essential lessons both easily and at an early age. And two of the ones that I think are most relevant to what we do as security professionals are The Boy Who Cried Wolf and Chicken Little. Quick refreshers might be in order, so here […]

Want to get DAILY email tips on how to build a more effective security program so you can prove your security investments deliver value to the business?

Andrew is a highly skilled and experienced information systems architect and consultant, which in my view is a rare thing. He is innovative in his thinking and merits the title of 'thought leader' in his specialist domains of knowledge—in particular the management of risk. Andrew has embraced SABSA as a framework and, in doing so, has been a significant contributor to extending the SABSA body of knowledge."

— John Sherwood, Chief SABSA Architect

"Fabulous person to work with. Very engaging and insightful. Extremely good technical knowledge with ability to relate concepts together and overcome differing opinions. Makes things work."

— Kevin Howe-Patterson, Chief Architect, Nortel - Wireless Data Services

"Andrew was able to bring clarity and great depth of knowledge to the table. His breadth of thinking and understanding of the business and technical issues along with a clear and effective communication style were of great benefit in moving the process forward towards a successful conclusion."

— Doug Reynolds, Product Manager, MobileAware

"Andrew is a fabulous consultant and presenter that you simply enjoy listening to, as he manages to develop highly sophisticated subjects in very understandable way. His experience is actually surprising and his thoughts leave you without considerable arguments for any doubts in the subjects he covers."

— Biljana Cerin, Director, Information Security and Compliance