Blog Stats
- 74,791 hits
Category Archives: Security Blog
FAIR (OpenFAIR Certified)
I took a class that Risklens teaches on the Factor Analysis of Information Risk. I really enjoyed the class. It was very good. That and I’ve been taught by Jack in the past… like 14 years ago when we were … Continue reading
Posted in Security Blog
Tagged achievement unlocked, fair, OpenFAIR
Comments Off on FAIR (OpenFAIR Certified)
CISM
Since the last exam, I figured, I got things going for me. So I signed up for the exam, crammed for it, and took the test. The exam was quite tough, I think it’s because I didn’t study as much … Continue reading
CRISC
Since passing my last exam, I decided that I can take exams without much anxiety. I do this stuff for a living so how hard can it be? I signed up for my exam and I crammed. I took the … Continue reading
CCSP
I took a weeklong boot camp provided by my work, a company called destiny cert which they don’t have a great website or anything. The instructors were really good and this has me thinking about how I have anxiety about … Continue reading
No Government Funding. No Government Resources
I went to look up something today, the new Risk Management Framework that NIST created. Well, here is what I come up to instead.
Posted in Security Blog
Comments Off on No Government Funding. No Government Resources
#PhoenixES3
I was part of a Panel to discuss Integrated Risk Management and Security Operations at the Optiv Enterprise Security Solutions Summit. It was a wonderful experience and I’d love to do it again.
Posted in Security Blog
Tagged ES3, Integrated Risk Management, IRM, IT Governance Risk and Compliance, Optiv, risk
Comments Off on #PhoenixES3
So, I’m Speaking at this Panel…
I was asked to be on a panel at the Optiv Enterprise Security Solutions Summit. My first speaking engagement outside of the company I work for. I’m ready for it, let’s see how I do! Here is a link for … Continue reading
Posted in Security Blog
Comments Off on So, I’m Speaking at this Panel…
15th National CyberSecurity Awareness Month
National Cyber Security Awareness Month (NCSAM) – observed every October – was created as a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online. Week 1: Oct. … Continue reading
Posted in Security Blog
Tagged 2018, NCSAM
Comments Off on 15th National CyberSecurity Awareness Month
End State of All Security Programs
The goal of all security programs is to consistently show how risk is getting lowered… or not! But what should get reported to the leadership teams, to the executive management, and to the board? Risk Metrics on the Top 20 … Continue reading
Posted in Security Blog
Tagged board, critical security controls, risk metrics, risk tolerance
Comments Off on End State of All Security Programs