Professional Organizations – How to Connect & What They Offer

This podcast is for both seasoned information security professionals and those desiring a career in infosec, risk management or privacy. To that end there are agencies that can be beneficial for those at the beginning of their careers or those who are interested in more peer and community engagement. There are various roles…

Introduction to The Dude Says, Episode 001

Introductory episode to The Dude Says, where I share my background and what I’m working on. GIAC GCCC #242

Standardize Your Security In An Agile Culture

Thoughts on Information Security and Risk Management in an Agile Culture. Narrated slide deck from a presentation given at the Chattanooga chapter of ISSA. In keeping with the Ides of March timing of the presentation, I chose to model my analogy to include references to Julius Caesar and Mark Antony.

CSIP Looks Good

After reading through the CyberSecurity Strategy and Implementation Plan (CSIP) I was impressed with its scope and relatively clear terminology, acronyms notwithstanding, and how it outlined federal strategy. I expect the timelines to be challenging, though. Working in a multi-national, Fortune 500 company, I know that if you don’t already have some information collected and…

Information Security Costs May Be Delayed But At What Price

[S]oftware solutions delivered to market cost money. Secure software solutions or products and services with critical dependency on secure software solutions cost more money. Hospira is finding this out with its older medical pumps in the Symbiq line. Fiat Chrysler is finding out what fixing a problem in production costs. Their security oversight?…