Featured threat model 7 June 2018 The second biggest trap in information risk management. A model CISOs can use to measure and report the level of assurance being delivered by their technical security products and controls as part of a robust cyber defense.
Featured level of assurance 18 December 2014 CISOs are in the assurance business As the CISO's job has morphed from gatekeeper (no breaches!) to crisis manager (no outrageous breaches!), the questions boards and C*Os have learned to
pentest 3 November 2011 Breaking bad news  I had the pleasure of being in Bloomington, MN, last week and met with a fellow CISO who