On July 19, Capital One Financial Corporation determined it had sustained a data breach of over 106 million user records due to a cyberattack by a user named “Erratic” on Twitter. The company announced the breach to the media July… Continue reading
Audit Active Directory to Reduce Risks from Privileged Users (webcast)
Do you think that Active Directory privileged management practices may pose risks to your organization? If so, please register for my webcast on September 12!
Rational Cybersecurity Q3 Update
Since my Q2 update on the Rational Cybersecurity for the Business book project I’ve continued to forge ahead, completing another 3 draft chapters. My goal is to get to final draft (after rewrites) before year’s end!
Rational Cybersecurity for… Continue reading
Building Practical IGA in the Cloud Era (Raleigh and Cleveland, September 18 and 19)
Identity Governance and Administration (IGA) and Privileged Account Management (PAM) need a makeover for cloud computing. During a recent consulting engagement, I took a deep dive into Cloud IGA and Cloud PAM. I’ll be sharing my perspectives over the next… Continue reading
The Rise of Identity, Access and Authentication in Security Webinar
Why is identity perhaps the most critical security subject matter domain today? What do you think? Hint: Take a look at the consequences and causes of most breaches. Also, tune in to hear me cover the subject at 10:00… Continue reading
Mastering Hybrid Active Directory Auditing Webinar: June 11
Hybrid Active Directory Auditing seems like a topic no one is covering – until now! Please sign up with BeyondTrust for my June 11, 2019 | 1:00 PM – 2:00 PM ET webinar to learn more.
All too often… Continue reading
Could a Global Reputation System Restore Trust to Business and Governance?
“A global reputation system will restore trust,” said RSA CEO Rohit Ghai during a keynote presentation I reviewed at RSA 2019. In the same way that whitelisting is more effective than blacklisting in the never-ending antivirus… Continue reading
Rational Cybersecurity Q2 Update
Since launching the Rational Cybersecurity for the Business book project to kick off the New Year, I’ve made great progress, completing more than 20 security leadership interviews, and drafts for 5 of the 10 chapters.
Rational Cybersecurity for the Business’s… Continue reading
Helping CISOs and Board Members Communicate on Risk: A Shared Assessments Summit 2019 Recap
Returning from the Shared Assessment Summit 2019 last week, I was struck by one repeated message: CISOs and Board of Directors members are still struggling to assess and communicate risk. Early in the Summit Agenda, a CISO Panel discussion… Continue reading
Active Directory Audit: Why and How
Why is 1:00 PM EST March 26 important? That’s when I’ll be presenting an Active Directory Audit webinar. The figure below features some of the issues I’ll be covering that motivate audit. A brief description of the webinar follows.… Continue reading