Monday, October 24, 2016
Getting Security Buy-in from Everybody
›
Buy-in of Information Security projects / initiatives / “we should just be doing it” is a tricky thing. While support from senior leaders...
Wednesday, June 1, 2016
What Should Information Security Be Responsible For?
›
In the Enterprise environment it seems there is always a battle around who should be responsible for what in IT. And there is always some ...
Thursday, May 12, 2016
Is the problem local admin or change?
›
Welcome back. "...back after {an} exclusive three year tour of Europe, Scandinavia and the sub continent" (Cab Calloway in the B...
Tuesday, August 6, 2013
Threat Modeling and Security Assessments
›
Over the last several months, in creating a threat evaluation model / process and performing a security evaluation, I have come to seve...
Sunday, July 28, 2013
Creating an Action Plan from a Security Review
›
After all the work of performing a security review of an organization, it is time to create an action plan. This plan must be somethi...
1 comment:
Monday, July 15, 2013
Threat & Vulnerability Mitigation – Asset Identification
›
No matter what you all your program (I call mine Vulnerability Management) to manage threats and vulnerabilities as they apply to your net...
Tuesday, July 9, 2013
How, What, and When to Patch
›
How an enterprise decides to manage patch administration probably varies based on who is doing it, the maturity of the Vulnerability Ma...
1 comment:
›
Home
View web version
