level of assurance CISOs are in the assurance business As the CISO's job has morphed from gatekeeper (no breaches!) to crisis manager (no outrageous breaches!), the questions boards and C*Os have learned to ask us have become more Erick Rudiak 18 Dec 2014 · 3 min read
threat model On Pace... A couple years ago, I learned a lesson from my CIO that has stuck with me. Marching towards an aggressive deadline to deliver a client capability, the CIO gathered his Erick Rudiak 14 Dec 2014 · 3 min read
ciso The Security Culture Manifesto Preparing for a Board of Directors meeting is one of the more intellectually stimulating aspects of a CISO's work. It's an entirely different conversation than the one I typically have Erick Rudiak 1 Dec 2014 · 5 min read