Insights & Articles
Real-world cybersecurity topics — written clearly, without the jargon.
Your last access review came back 90% approved. That’s not a clean environment. That’s a broken process with a completion date stamped on it. I’ve spent thirty years watching identity…
Continue Reading
Here's a question I ask in almost every new security discussion: What's your biggest risk right now? You'd be surprised how many people can't answer it. Not because they don't…
Continue Reading
Let me tell you what most organizations do when they decide they need a security policy. They Google a template. They copy it. They put it in a shared drive.…
Continue Reading
Let me tell you the most common mistake people make when trying to break into cybersecurity. They start with the wrong thing. They buy a cert prep book before they understand…
Continue Reading
What’s the point of an information security program? The simple answer is to protect all the data from being stolen, misused or compromised. Most business units, when talking about info…
Continue Reading
Stop me if you’ve heard this before – INFORMATION SECURITY IS NOT SOLELY THE RESPONSIBILITY OF THE IT DEPARTMENT. Thanks, I had to get that off my chest. But it’s…
Continue Reading
Let’s talk a little about the importance of vulnerability management. As I’ve mentioned in other posts, data has value. For some organizations, their data and intellectual property is the only…
Continue Reading
Let’s start at what I consider the beginning – what has value? That answer has changed dramatically over the decades; for a time it was gold, then it was manufactured…
Continue ReadingOnline courses that cover these topics with the depth and clarity you need to actually apply them.