What should you expect from a vCISO engagement?
Organizations are facing ever-increasing challenges related to security and compliance. Security issues are in the news every day with targeted attacks, phishing, malware, and especially ransomware on the increase. A last-minute reaction-based strategy is no longer sufficient, and cyber insurance will not pay for your breach if you have not ... Read More
Your Ears as a Security Control
Recently, I was at a customer site to discuss monitoring, correlation, and alerting. They told a tale that I have heard so many times, all I could do was sit there and nod my head sympathetically. They described a failed SIEM (Security Information and Event Management) implementation that they had ... Read More
Burnin’ Down the House
“Oh my God! The office is on fire!” David exclaimed to his wife as he hung up the phone and drug himself out of bed. This was the moment he had dreaded for years. So many irreplaceable documents stored there. So much data to be lost. The fire department had ... Read More
SOLVED!!!
I was recently fortunate enough to be the face of The Pinnacle Group’s CryptoChallenge at DerbyCon in Louisville Kentucky. I am always amazed to watch the depth of talent brought to bear in these type challenges and I marvel at the process of watching these big brains crunch away at ... Read More
Tip of the ‘Berg
If you know me, you know that I regularly preach the need for full scope penetration testing (internal and external with physical, digital, and social engineering attack methods). If I do not think and act as the bad guys do, I will likely miss attack vectors they may not. I ... Read More
