With COVID19 and expected budget cuts across the board, cybersecurity leaders must prepare for a shrinking slice of their share in 2021. While hoping for the best, it is still a prudent idea to take a more critical look at … Continue reading
Many CISOs and Infosec leaders I meet face continuous challenge to communicate their strategy that is simple and others in their organization can understand and relate to. I have created a simple model for CISOs to explain it on a single page and have found it to be an effective tool. Continue reading
Logs provide a wealth of information and that is one of the reasons that almost all security standards and frameworks (NIST, ISO, PCI, and others) emphasize on collection, storage, and analysis of log data as one of the key aspects … Continue reading
Data-driven business innovation is not something of distant future anymore. It is a reality of today. Many businesses are already reaping benefits of monetizing internal data that they already possess. Some are taking data-driven business innovation to the next levels … Continue reading
How to pick the right projects for the next year or the next thing to work on? Recently, this was the major point of discussion in the planning meeting of a non-profit organization. Irrespective of for-profit or non-profit status, all … Continue reading
Few days back, an information security executive asked for help. He has been struggling with demonstrating “tangible business value” of his information security program. We started our dialog about the company business, revenue sources, key issues, competitors and how he … Continue reading
Manufacturers have been building products (or things) for a very long time. A major shift is in the competitive landscape is about making these products or things “smart”. Now, people not only need a light bulb, but they want a … Continue reading
Note: There is an updated CISO Mind Map for 2018 on this URL As the InfoSec landscape changes constantly, so do the responsibilities of a CISO. Virtual Security Appliances are becoming more common in the Cloud environment. Similarly IoT and … Continue reading
The Verizon 2015 DBIR just released today, and as someone said. It is “the best” DBIR ever. The report provides a number of important findings and new data analysis especially around the cost of data breaches. The report contains analysis … Continue reading
SWOT (Strengths, Weaknesses, Opportunities, Threats) analysis is an industry standard way of analyzing current situation (marketing, business strategy, risk assessment, etc). In many cases, SWOT analysis provides foundation for creating business strategy. Following is a short description of how we … Continue reading