There is no shortage of publicity around failures in security - constant headlines detailing breaches and vulnerabilities at companies and government agencies. However, what you never hear about are the many organizations who aren't in the news because they have found ways to meet business and mission needs while protecting customer and business data from … Continue reading Call for Nominations: SANS Presents: People Who Made a Difference In Security in 2013"
When I was at Gartner back in 2009 or 2010 we started projecting the impact of what Gartner defined as "The Consumerization of IT" defined as: The specific impact that consumer-originated technologies can have on enterprises; Reflects how enterprises will be affected by, and can take advantage of, new technologies and models that originate and … Continue reading Ixnay on YABYOA: Just Say No to Yet Another Bring Your Own Acronym
Today is the last day of Fiscal 2013 for US federal government folks. This may be one of those years where government folks can stay up late at fiscal New Year's Eve parties, watch the glittery ball drop from the OMB tower, and then sleep in on Tuesday am - the US Government may be … Continue reading Not So Happy Fiscal New Year'S Eve to Government Security Managers!
I'm always on the lookout for good graphics to use in presentations about security. I recently came across EIQ Network's recent small survey on "What Keeps IT Pros Up at Night?" that reported roughly equal fears of experiencing a breach and failing a security audit - realistic, but still kinda depressing to me. Failing a … Continue reading Sleepless CISO's Plan on Implementing the Critical Security Controls