GDPR is NOT a Data Protection Standard
(this is a repost dated April 2018 from my old blog, which I thought should be preserved as it is still oddly relevant) Stop it!I swear, if one more person comes to me and asks me about hashing or encrypting...
The CISO Reimagined
We know now how security management shouldn’t work. But where does that leave us? To answer the question, this being a book and all, let’s attempt to craft a new paradigm. We are building a new structure, and we should...
“You’ve done security before, right?”
Let me share a personal story, about how my formal career in security started. “You’ve done security before, right?” I was sitting in my quite typical Silicon Valley office. An actual office, mind you—while open-space was becoming all the rage,...
The Wrong Way To Look For A CISO
One of the key topics I address in my book Why CISOs Fail is how companies repeatedly and recurrently hire wrong. They will hire smart, experienced people, and then set them up to fail, frustrating them out of the job...
