Saved by Chad Hudson
Protecting People, Not Just Data
Mostly, they seek out vulnerabilities, detect attacks, and eliminate compromises. Of course, the size of the attack surface and the sheer volume of vulnerabilities, attacks, and compromises means organizations must make tough choices; not everything gets fixed, stopped, recovered, and so forth. There will need to be some form of acceptable (tolerab
...
Stuart McClure • How to Measure Anything in Cybersecurity Risk
% Derisible • Theses for 2020
As software engineers and architects our job is to try to use our technical and logical thinking skills to identify which is which and to challenge those that are not useful. Which activities help us to really be secure and which are outdated or simply useless “security theatre”? If we don’t do this then all security activities will be devalued and
...
Murat Erder • Continuous Architecture in Practice: Software Architecture in the Age of Agility and DevOps (Addison-Wesley Signature Series (Vernon))
As an example, imagine a company expanding into Europe. That expansion is subject to General Data Protection Regulation (GDPR), and this will influence priorities and investments in areas that may not be as critical to a purely security-focused program. A valuable CISO recognizes the business need and context for the controls they recommend. In thi
...
Dark Reading • Rethinking Cybersecurity's Structure & the Role of the Modern CISO
Let's keep in mind the words of Deputy Chairman Victor Zhora: "Resilience stems first from basic cyber hygiene." By prioritizing cybersecurity, planning for crises, and creatively reducing risk, we can build a more resilient future.