Buy-in of Information Security projects / initiatives / “we should just be doing it” is a tricky thing.   While support from senior leaders in the organization is key for resources (i.e. $$$$) ...

Buy-in of Information Security projects / initiatives / “we should just be doing it” is a tricky thing.   While support from senior leaders in the organization is key for resources (i.e. $$$$) ...

In the Enterprise environment it seems there is always a battle around who should be responsible for what in IT.  And there is always some manager or director that complains (or his ...

In the Enterprise environment it seems there is always a battle around who should be responsible for what in IT.  And there is always some manager or director that complains (or his ...

Welcome back. "...back after {an} exclusive three year tour of Europe, Scandinavia and the sub continent" (Cab Calloway in the Blues Brothers). Ok, not really, I never left the city for more ...

Welcome back. "...back after {an} exclusive three year tour of Europe, Scandinavia and the sub continent" (Cab Calloway in the Blues Brothers). Ok, not really, I never left the city for more ...

Over the last several months, in creating a threat evaluation model / process and performing a security evaluation, I have come to several conclusions. In creating a threat model, you must create ...

Over the last several months, in creating a threat evaluation model / process and performing a security evaluation, I have come to several conclusions.In creating a threat model, you must create a ...

After all the work of performing a security review of an organization, it is time to create an action plan.   This plan must be something the client can use, so it must ...

No matter what you all your program (I call mine Vulnerability Management) to manage threats and vulnerabilities as they apply to your network and processing environment you must know what you have ...