Quantcast
Browsing latest articles
Browse All 10 View Live

Image may be NSFW.
Clik here to view.

Magnificent 7/7: Metrics and Scorecards

It’s been a fun CSO tools series so let’s close it with a bang. Number 7 is the ever intimidating operations scorecard. I’m also happy to share this post coincides with the release of the Third Defense...

View Article


Image may be NSFW.
Clik here to view.

Can metrics save money on PCI compliance?

I continue to be impressed by the VZ team. Their latest PCI Compliance Report continues their contribution of data sharing with the industry. Here are a couple cherry picked passages from the exec sum:...

View Article


Image may be NSFW.
Clik here to view.

Money$ec Evolved Slides

My first BSides will not be my last. A huge thank you to all the sponsors and volunteers. The BSidesSF folks will publish links to the recording and slides but I’ve had a few requests that couldn’t...

View Article

Image may be NSFW.
Clik here to view.

Make a Difference Webinar with Caliber

Apologies for not linking to my webinar with Tab from Caliber Security. It’s a fun filled 45 minutes with me jawing on about prioritizing and measuring risk. Who doesn’t want more of that… Event...

View Article

Image may be NSFW.
Clik here to view.

Source Boston: My Communicate Risk Slides And More

I had a great time at Source Boston. Many good times, talks, and connections. Source Boston had the best combination of technical and business oriented talks I’ve ever experienced at a conference....

View Article


Image may be NSFW.
Clik here to view.

Your Security Executive Dashboard

Sometimes for fun, I like to concatenate as many buzzwords as possible. How about: our cloud GRC dashboard provides risk intelligence leveraging big data visualization. I bet someone has a copyright on...

View Article

Image may be NSFW.
Clik here to view.

Vulnerability Management From Scratch

When it comes to classic processes like identifying, prioritizing, and tracking scanner-based vulnerabilities, I like to dive right into the deeper waters of performance targets and service levels. Who...

View Article

Image may be NSFW.
Clik here to view.

Winning the IT Security Compliance Game

I’m sure you all follow the New School blog and have read Compliance Lessons from Lance. My take on the post is to find a way to position compliance from a necessary evil to a necessary evil to achieve...

View Article


Image may be NSFW.
Clik here to view.

What matters to you?

Lots has been written why measuring current control performance contributes to the answer of “How much security do we need?” If you measure what matters, does tactical control performance matter? Maybe...

View Article


Image may be NSFW.
Clik here to view.

Measuring Security Performance: Governance or Whistleblower?

I love helping security teams measure control performance (metrics) and improve risk analysis and management programs. Providing visibility into current performance and putting the data in context of...

View Article
Browsing latest articles
Browse All 10 View Live