SABSA Archives - Page 19 of 19 - Archistry

July 10, 2019

Tossing the DevSecOps zombies over the waterfall

I get what the whole DevSecOps movement is trying to accomplish. I really do. Because they’re right: The “traditional” approach to security is well and truly broken. We have proof of this every day from the trenches, let alone the headlines. And so, we need to “Shift left!” “Shift left…shift left…shift left…” It’s a mantra. […]

March 10, 2019

Are you drinking the “Zero Trust” Kool-Aid from a poisoned chalice?

I subscribe to a lot of lists. All kinds of lists, actually, but of course, I subscribe to a lot of the “security” lists out there to see what people are talking about and keep up to date with things—just like you do. However, I’m seeing an uptick in the “Zero Trust” phrase in the […]

August 18, 2017

Why Your Cybersecurity RCA Isn’t Working

Recently, I was having a discussion with a customer we’re working with to restructure their IT Security department and adopt SABSA end to end. Doing this will more effectively manage their cybersecurity risks and keep them directly focused on supporting business execution, not just doing security for security’s sake. The Problem One of the problems they […]

Want to get DAILY email tips on how to build a more effective security program so you can prove your security investments deliver value to the business?

Andrew is a highly skilled and experienced information systems architect and consultant, which in my view is a rare thing. He is innovative in his thinking and merits the title of 'thought leader' in his specialist domains of knowledge—in particular the management of risk. Andrew has embraced SABSA as a framework and, in doing so, has been a significant contributor to extending the SABSA body of knowledge."

— John Sherwood, Chief SABSA Architect

"Fabulous person to work with. Very engaging and insightful. Extremely good technical knowledge with ability to relate concepts together and overcome differing opinions. Makes things work."

— Kevin Howe-Patterson, Chief Architect, Nortel - Wireless Data Services

"Andrew was able to bring clarity and great depth of knowledge to the table. His breadth of thinking and understanding of the business and technical issues along with a clear and effective communication style were of great benefit in moving the process forward towards a successful conclusion."

— Doug Reynolds, Product Manager, MobileAware

"Andrew is a fabulous consultant and presenter that you simply enjoy listening to, as he manages to develop highly sophisticated subjects in very understandable way. His experience is actually surprising and his thoughts leave you without considerable arguments for any doubts in the subjects he covers."

— Biljana Cerin, Director, Information Security and Compliance