Strategy

what? building a notifications list on the fly…my mind is in a TASE

It all started after chatting with a colleague the other day… He started telling me about a Tabletop Attack Scenario Exercise (TASE) that he sat through with a health care company. They were going through a mock scenario of a PHI breach. And at one point, the security director asked the procurement team to give …

what? building a notifications list on the fly…my mind is in a TASE Read More »

it’s not luck

I’ve learned a lot by coaching my son’s youth soccer team. At the beginning of last season, his team had several boys ranging from ok to pretty good players. The only problem was they wouldn’t work together. They’d all either stand around and watch whenever they didn’t have the ball, or they would form a …

it’s not luck Read More »

Why is security still being left out of the discussion?

It’s time to break down the silos and build strategy and process as a unified team Interested in learning more? Click here to join our membership site wait list. IT strategic plan – aligned with the business and coordinated with security Most organizations maintain an annual strategic plan that aligns IT strategy with the overall …

Why is security still being left out of the discussion? Read More »

Why aren’t more companies focused on M&A cyber due diligence?

A talk given at RSA this week by Avast’s EVP, GM and CTO Ondrej Vlcek  about the attack and corruption of CCleaner had an interesting twist when the speaker noted that the most important lesson coming out of the episode wasn’t about the incident itself, or even the TTPs the attackers used. “A big lesson …

Why aren’t more companies focused on M&A cyber due diligence? Read More »

Building an assessment program

I’ve heard this question now several times, “What do you mean build a security assessment program? Do you mean build a security program?” My answer is consistently “no”. Your assessment program should be part of your overall security program, but they are separate (albeit related) initiatives. So what is a security assessment program? Think of …

Building an assessment program Read More »