Rational Cybersecurity Q2 Update
Since launching the Rational Cybersecurity for the Business book project to kick off the New Year, I’ve made great progress, completing more than 20 security leadership interviews, and drafts for 5 of the 10 chapters.
Rational Cybersecurity for the Business’s… Continue reading
Helping CISOs and Board Members Communicate on Risk: A Shared Assessments Summit 2019 Recap
Returning from the Shared Assessment Summit 2019 last week, I was struck by one repeated message: CISOs and Board of Directors members are still struggling to assess and communicate risk. Early in the Summit Agenda, a CISO Panel discussion… Continue reading
RSA 2019: Has Zero Trust Become an Impediment?
RSA CEO Rohit Ghai and former Chief Strategy Officer Niloofar Razi Howe’s keynote today could have been re-titled “Standing in the Bleak Landscape of Zero Trust.” It has become an impediment, they said.
Should I be defensive, having jumped on… Continue reading
FAIRCON Showcases Quantitative Risk Analysis on the Cusp of Adoption
At FAIRCON 2018, keynote speakers described FAIR as a quantitative risk analysis “movement” to change the way industry measures and manages risk. Deep, ongoing frustration in business and government circles with the seeming inability of increased cybersecurity spending to stop… Continue reading
The New Vulnerability and Risk Management (VRM) Paradigm: Holistic, Dynamic, Adaptive
The ability to perform effective Vulnerability Risk Management (VRM) is an important marker of IT security maturity. Why? Managing the flow of vulnerabilities in complex IT environments is a major challenge. So is recognizing, categorizing, and prioritizing IT security risks.… Continue reading
Open FAIR Complements Risk Management Programs
Open Factor Analysis of Information Risk (Open FAIR) from the Open Group is the industry standard for quantitative risk assessment, and the first successful methodology of this kind. Open FAIR consists of a Risk Taxonomy Technical Standard … Continue reading
Announcing New Partner, Webinar, and Going to IdentiVerse
In June doings for Security Architects Partners – it’s a busy month! We’re excited for Identiverse where I’ll be attending in my role of free lance KuppingerCole analyst. The figure below says it all; contact us if you’d like… Continue reading
May Calendar: Richmond IAM Users Group, DC FAIR Chapter, and European Identity Conference
April showers, May flowers. A busy April is drawing to a close. We are back from RSA, and left one post so far on the KuppingerCole web site. Another is expected soon on “Passwordless Authentication? FIDO, Finally, Almost…”
Blockchain Security Concerns and Un-Concerns
Interest in blockchain has skyrocketed, with many believing the technology to be as transformational as the Internet itself. Blockchain’s promise boils down to two related propositions: first, that it can enable vast decentralized populations to collaborate and transact business; second,… Continue reading
Attending DC FAIR Insititute Chaper Meeting on February 2nd
FACTOR ANALYSIS OF INFORMATION RISK (FAIR) INSTITUTE DC CHAPTER MEETING INFORMATION
When: Friday, February 2nd from 8:30 am to 10:00 am
Where: Evolver Inc. (1943 Isaac Newton Square, Suite 260 Reston, VA 20190)
REGISTER
We are just a… Continue reading