Which is Easier: Aligning Business to Security, or Security to Business?
Which is Easier: Getting Businesspeople to think in terms of Security, getting Security Teams to think in terms of Business? While security leaders should work both angles, I say the correct answer to Alyssa Miller’s original question (below) is “B”.… Continue reading
What we Can Learn from the SolarWinds Supply Chain Breach
Defending the Digital Election Infrastructure
Someday we’ll conduct elections fully online, but to do that we’ll require a more secure digital election infrastructure. As the U.S. 2020 election process ramps up, technology plays an increasing role. Organizations engaged in the political process must strengthen cybersecurity… Continue reading
At Long Last Rational Cybersecurity Publishes!
I’m so excited to finally announce that “Rational Cybersecurity for Business: The Security Leaders’ Guide to Business Alignment” is live.
You can now buy a paperback, or get a complimentary digital download here.

Why I Wrote the… Continue reading
Going the Extra Mile for Rational Cybersecurity
Successful security leaders don’t quit in the face of obstacles. They go the extra mile for their security program and understand that cybersecurity isn’t just a technical problem. It’s a people and organizational problem. That makes it critical to align… Continue reading
Fifty Keys to Cybersecurity-Business Alignment
My book, Rational Cybersecurity for Business: The Security Leader’s Guide to Business Alignment contains 50 Keys to Alignment that accentuate the guidance. I’m writing about these keys in a “50 keys” blog series. This page conveniently summarizes all the keys… Continue reading
Don’t Press Pause on Security Architecture During the COVID-19 Shutdown
As the “COVID-19 shutdown” pushes businesses into what I call “forced digitalization” – with everyone teleworking – it could be easy for IT and security professionals to become all-consumed by basic operational issues. Just keeping the Virtual Private Networks (VPNs)… Continue reading
Rational Cybersecurity at RSA: The Human Element
“We need to change our cyber security story from one of technical conflict – with business leaders on the sidelines – to one with users and the business as central characters.” As the author of the upcoming book… Continue reading
Rational Cybersecurity Open Access Book Announcement
Exciting News: I found the perfect publisher for Rational Cybersecurity for Business. Apress, a Springer Nature company, will be publishing my book in May 2020 through the ApressOpen program. This means the industry’s first comprehensive Security Leader’s Guide to… Continue reading
Cybersecurity Deficit: More than a Skills Shortage
New Services to Cut the Cybersecurity Strategy Deficit
As 2020 gets underway, we’re excited to announce a more modular and agile cybersecurity, identity management, and risk management consulting services catalog. More than ever the world needs rational cybersecurity leadership, business… Continue reading