Author Archives: editor

About editor

Consultant, Author, Researcher.

Aligning Business Goals with InfoSec Strategy

How do you align yourself with the business you are supporting? What value are you creating? These are the questions that every CISO should be thinking on regular basis. In a typical organization, the CEO has a list of business … Continue reading

Posted in InfoSec, Leadership | Tagged , , | Comments Off on Aligning Business Goals with InfoSec Strategy

DBIR 2017 – Major Findings of Verizon Data Breach Investigations Report

Verizon is publishing Data Breach Investigations Report (DBIR) for over 10 years. The latest release is DBIR 2017 which was published on April 27th. This year’s report contains 1935 confirmed data breaches and more than 42000 security incidents. Like always, … Continue reading

Posted in InfoSec | Tagged , , | Comments Off on DBIR 2017 – Major Findings of Verizon Data Breach Investigations Report

Three Fundamental Questions for Strategic Decision Making

How to pick the right projects for the next year or the next thing to work on? Recently, this was the major point of discussion in the planning meeting of a non-profit organization. Irrespective of for-profit or non-profit status, all … Continue reading

Posted in Digital Transformation, Entrepreneurship, Leadership | Tagged , , | Comments Off on Three Fundamental Questions for Strategic Decision Making

Customer Experience: The Missing Pillar of Information Security Programs

Few days back, an information security executive asked for help. He has been struggling with demonstrating “tangible business value” of his information security program. We started our dialog about the company business, revenue sources, key issues, competitors and how he … Continue reading

Posted in Digital Transformation, InfoSec, Leadership | Tagged , , , , , | Comments Off on Customer Experience: The Missing Pillar of Information Security Programs

Building a Successful Security Operations Center Part 3: SOC Budget Calculator

Sometime back I published an article “What it Really Takes to Stand up a SOC”. This included a MindMap showing everything you need to consider while making a decision about establishing an internal Security Operations Center. Since then, many people … Continue reading

Posted in InfoSec | Tagged , , , | Comments Off on Building a Successful Security Operations Center Part 3: SOC Budget Calculator

Five Minutes Overview of IoT Messaging Protocol for CISOs

Although traditional methods of communications like RESTful APIs can be used for IOT communications, MQTT and CoAP are the two major IoT protocols for exchanging messages in IoT networks. This is a quick overview of both of these protocols.

Posted in InfoSec, IoT | Tagged , , , | Comments Off on Five Minutes Overview of IoT Messaging Protocol for CISOs

Building a Successful Security Operations Center (SOC) Part Two – Estimating SOC Budget – CISOcast

Budget estimates are a major part of SOC business case. A typical budget will consist of capital cost, payroll expenses, and annual recurring costs. The budget estimates also helps in making decision about build an internal SOC or using SOC … Continue reading

Posted in Leadership | Comments Off on Building a Successful Security Operations Center (SOC) Part Two – Estimating SOC Budget – CISOcast

Disruptive Technologies Every CISO Should Know – CISOcast

Information Security is a rapidly changing field as advancements due to disruptive technologies, like SDN, IoT, NFV and others, have direct impact on security management programs. Information Security professionals, in general, are perceived to be slow in  adapting to new technologies … Continue reading

Posted in Leadership | Comments Off on Disruptive Technologies Every CISO Should Know – CISOcast

Lack of Security and Network Resources: A Major Hurdle in Digital Transformation

Initiatives for Digital Transformation are at front and center of every major corporation to keep their business competitive and relevant. Many technology research organizations are publishing papers about different aspects of digital transformation, which is categorized  as a new industrial … Continue reading

Posted in Digital Transformation, InfoSec, IoT, Leadership | Tagged , , | Comments Off on Lack of Security and Network Resources: A Major Hurdle in Digital Transformation

2016 CISO MindMap – What do InfoSec Professionals Do?

Please note that this is an older post An updated MindMap available here. It took some time to update the CISO MindMap but finally it is here. Thanks to all who provided suggestions for this update. A very rapid change … Continue reading

Posted in InfoSec, IoT, Leadership | Tagged , , , , | Comments Off on 2016 CISO MindMap – What do InfoSec Professionals Do?