What are the key questions a CEO must ask?

What are the key questions a CEO must ask?

The CEO is responsible for the overall success of a business entity or other organization and for making top-level managerial decisions. As the ultimate governing authority, the CEO assesses risks to the organization and ensures those risks are mitigated and...
Why security fails

Why security fails

Over the past few decades as a security practitioner, I have witnessed security fails and I have attributed three common defining elements.   1. Priority of security within an organization  Effective security requires not only insight into the entirety of the...
Evidence Based Information Security

Evidence Based Information Security

Information security (InfoSec) is about the processes and tools used to protect information.  Evidence-based information security is precisely as stated, information security supported by evidence. In the context of the cyber ecosystem, organizations must protect...
Traditional Approaches to Cyber Security

Traditional Approaches to Cyber Security

Security Policies Patch Management Firewall Antivirus Vulnerability Scanning Threat Intelligence Risk Management When it comes to traditional approaches to cyber security, a checklist of items comes to mind. For the purpose of this post, I have listed the first seven...