It always kinda surprises me when I meet a new security team, or even a new security professional, who balks at the notion that risk assessment is a core part of what they do. In some cases, this attitude is institutionalized as team dynamics, so that if the designated “risk team” gets even the slightest […]
Sorting sacred risk assessment cows
One of the things I haven’t talked too much about over the last year or so I’ve been writing these emails is risk assessments. Hopefully, just because I haven’t talked about them much hasn’t led you to believe I don’t think they’re important. They are. And, they’re firmly at the heart of the whole SABSA […]
How to avoid bad things happening
This weekend, as you do after 5 weeks of the whole family under one roof, my wife decided that it was time to clean out the garage. And, apart from needing to do a bit of real-world architecture archaeology on my son’s disassembled Hot Wheels garage to get it back together correctly, things generally went […]
How to turn 53,426 words of security policy into usable security architecture
Here’s an interesting question for you to think about: What’s the relationship between security policy and security architecture in your organization? I mean, how related and/or connected do you think they are? True story: In one of the organizations I work with, they actually had a fairly good structure and scope to their information security […]
Your mission: save the world
Grandiose? Maybe…but hey, I’m in that kind of mood right now, because my son decided tonight was the night he wanted to watch Justice League. Fortunately, he feel asleep before the really, really scary parts at the end—well, scary for a 5 year-old…but not too scary that he didn’t want to watch it. Now, I […]
- « Previous Page
- 1
- 2
- 3
- 4
- …
- 19
- Next Page »