Apr 72 minBooks and Their CoversWe're all familiar with the saying, "Never judge a book by its cover," and this holds up in information security as well as anyplace. ...
Feb 62 minPatch Levels and Risk ManagementWhen reporting on patch levels for use in metrics as part of risk management there are two areas that are commonly dismissed which are...
Oct 19, 20224 minFinding Business Value in Information Security SpendingThere are three considerations for valuation of a security program: Security effectiveness: Is it doing its job? That is, how effective...