The Expanding Universe of Privileges: Why Cloud PAM Matters (Webcast)
Would you like to learn how Privileged Account Management (PAM) systems should cover cloud environments? If so, please register for my September 17 webinar!
Title: The Expanding Universe of Privileges: Why Cloud PAM Matters (Webcast)
Defending the Digital Election Infrastructure
Someday we’ll conduct elections fully online, but to do that we’ll require a more secure digital election infrastructure. As the U.S. 2020 election process ramps up, technology plays an increasing role. Organizations engaged in the political process must strengthen cybersecurity… Continue reading
At Long Last Rational Cybersecurity Publishes!
I’m so excited to finally announce that “Rational Cybersecurity for Business: The Security Leaders’ Guide to Business Alignment” is live.
You can now buy a paperback, or get a complimentary digital download here.
Why I Wrote the… Continue reading
Going the Extra Mile for Rational Cybersecurity
Successful security leaders don’t quit in the face of obstacles. They go the extra mile for their security program and understand that cybersecurity isn’t just a technical problem. It’s a people and organizational problem. That makes it critical to align… Continue reading
Cleaning up Risk and Technical Debt in the Wake of the Pandemic
IT staff and developers have had to rework many business processes and applications to operate entirely online, and built up a lot of technical debt in the process. Sooner or later, they’ll need to re-architect and re-factor to reduce the… Continue reading
Enterprise Cloud Security: Defending the Digital Lifeline (Webcast)
Don’t be Doctor NO: New Book Helps Balance Restrictive Cybersecurity with Empowerment and Accountability
Balancing what we’d like to do from the pure security control perspective with the need to align solutions with the business is a recurring theme in my book, Rational Cybersecurity for Business. The actual book is publishing very soon –… Continue reading
Where Should the CISO Report?
When the CISO doesn’t report at the right level of an organization, misalignment between security, IT, the business, and the larger public ecosystems it serves will surely result. Such misalignment often leads to dire consequences, increasing the chance of breaches… Continue reading
How to Define Security for Your Business
Could it be that a simple misunderstanding of what cybersecurity means is creating much of the disconnect between business and security leaders that often makes security programs ineffective? According to one security leader who’s worked as a Chief Information Security… Continue reading
Fifty Keys to Cybersecurity-Business Alignment
My book, Rational Cybersecurity for Business: The Security Leader’s Guide to Business Alignment contains 50 Keys to Alignment that accentuate the guidance. I’m writing about these keys in a “50 keys” blog series. This page conveniently summarizes all the keys… Continue reading