A virtual Chief Information Security Officer (vCISO) is an external expert contracted by your organization to provide CISO services. These services include designing, overseeing, and managing your organization’s overall security strategy. These are high-level, organization-wide strategies, though larger organizations may have different security strategies for different business units. Providing Risk Assessments and Risk Management...
Continue readingWe all live in a bad neighborhood
Back in the Stone Age (Late 90’s/Early 00’s) people referred to the internet as a Superhighway. It was a way of connecting to far off places without interacting with the points in-between. While the way the internet works hasn’t changed, our understanding of its interconnectedness has. When it comes to the internet superhighway, it’s...
Continue readingProtecting Critical Infrastructure, Large and Small
Critical infrastructure is mentioned in the news by politicians and many other agencies who oversee or work within an industry that is considered critical to the United States and its daily functions. The Department of Homeland security labels critical infrastructure as the following and it “includes the vast network of highways, connecting bridges and...
Continue readingSecure or “Secure Enough”?
When we talk about security, it is often not clear what the end goal is beyond an unspecified "secure state." Which begs the question, when is security good enough? I almost never hear business leaders or security professionals begin a security conversation from this perspective, but this is precisely the conversation business leaders should...
Continue reading