Which is Easier: Getting Businesspeople to think in terms of Security, getting Security Teams to think in terms of Business? While security leaders should work both angles, I say the correct answer to Alyssa Miller’s original question (below) is “B”.… Continue reading
What we Can Learn from the SolarWinds Supply Chain Breach
Working Together to Create the Future of Security Architecture
The world really needs to take security architecture more seriously! If physical buildings were anything like security systems (experiencing a major breach practically every month), the news would be full of collapsing buildings and crumbling bridges. That’s why I’m pleased… Continue reading
Pathways to Unified Endpoint Management (UEM)
Would you like to learn more Unified Endpoint Management (UEM) – and of course security – strategies? If so, please register for my November 12 webinar!
Title: Pathways to Unified Endpoint Management (UEM)
5 Tips for Deploying Cloud PAM
Privileged account management for the cloud (cloud PAM) is at long last becoming easier to deploy. To see why, check out my September 17 webinar for BeyondTrust – The Expanding Universe of Privileges: Why Cloud PAM Matters. Therein,… Continue reading
The Expanding Universe of Privileges: Why Cloud PAM Matters (Webcast)
Would you like to learn how Privileged Account Management (PAM) systems should cover cloud environments? If so, please register for my September 17 webinar!
Title: The Expanding Universe of Privileges: Why Cloud PAM Matters (Webcast)
Defending the Digital Election Infrastructure
Someday we’ll conduct elections fully online, but to do that we’ll require a more secure digital election infrastructure. As the U.S. 2020 election process ramps up, technology plays an increasing role. Organizations engaged in the political process must strengthen cybersecurity… Continue reading
At Long Last Rational Cybersecurity Publishes!
I’m so excited to finally announce that “Rational Cybersecurity for Business: The Security Leaders’ Guide to Business Alignment” is live.
You can now buy a paperback, or get a complimentary digital download here.

Why I Wrote the… Continue reading
Going the Extra Mile for Rational Cybersecurity
Successful security leaders don’t quit in the face of obstacles. They go the extra mile for their security program and understand that cybersecurity isn’t just a technical problem. It’s a people and organizational problem. That makes it critical to align… Continue reading
Cleaning up Risk and Technical Debt in the Wake of the Pandemic
IT staff and developers have had to rework many business processes and applications to operate entirely online, and built up a lot of technical debt in the process. Sooner or later, they’ll need to re-architect and re-factor to reduce the… Continue reading