Category Archives: Uncategorized

Mentoring Outside the Echo Chamber

I have been incensed by certain “pundit” activities through a recent encounter that unfortunately mirrors the frustration I felt 20 years ago as a result of the actions of certain academics where I once taught.  The actions of which I … Continue reading

Posted in Uncategorized | Leave a comment

Sophisticated Analysis of Risk Management is Critical…don’t do Sophisticated Analysis Risk Management

There is a wonderful discussion occurring in SIRA (Society of Information Risk Analysts) these days. I missed the beginning of this group, and I regret it, because the messages coming out of the discussions are extremely insightful and critically important … Continue reading

Posted in Uncategorized | Leave a comment

Revolution or Evolution, Part II

The Security Officer I met recently told me in his “old age” he now knew that the key to security in an organization was Evolution.  Engage evolution. But what does evolution mean for us InfoSec professionals? Well, I’m going to … Continue reading

Posted in Uncategorized | Leave a comment

In the beginning…

…there was a goal of teaching people how to communicate, interact, and learn from each other.  When I wound up in InfoSec and IT Risk Management, my goal evolved into communicating to InfoSec professionals – IT Security Managers, CSO’s, Network … Continue reading

Posted in CISO, CSO, Information Security, Information Security Governance, InfoSec, InfoSec Governance, IT Governance, IT Risk Management, Security Governance, Uncategorized | Tagged | Leave a comment