🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

What metrics should you use that demonstrate the value of your cyber program? How often do your scratch your head on this one? In my book review and interview with CISO and author Matthew K Sharp, he outlined three steps to take before picking your me…lnkd.in/eeJ3yEYb

Borrowed from a Reddit post titled "Humanities last Tweet"... While said in jest, given the rapid advances in AI over the past few months, we need to proceed cautiously. #ai will impact every area of life. If you are a writer and only marginal at what…lnkd.in/ezqxsvdi

🔒 Is CISA's Zero Trust Maturity Model (ZTMM) a game-changer or just another buzzword? 🌐 My take: 1️⃣ Zero Trust is a journey, not a one-time purchase. Beware of vendor FUD. 2️⃣ The ZTMM offers a valuable framework for measuring progress, but it still n…lnkd.in/eg3c5Vmf

As professionals, we often wear our busyness as a badge of honor. But what if being busy is actually a form of laziness? According to Tim Ferriss, author and productivity guru, "Being busy is a form of laziness - lazy thinking and indiscriminate action."…lnkd.in/eqxePfuS

🤔 Ever wondered if the cloud is truly more secure than on-prem? Steven M Prentice's insightful CISO Series article "23 Cloud Security Myths Debunked" addresses this question. In my quote, I emphasize the importance of choosing the…lnkd.in/eMjAm4mK lnkd.in/etemJT8n

Are you concerned about #supplychainsecurity in the software industry? It's time to unlock the potential of SBOMs and improve transparency and collaboration. As the software industry continues to evolve and grow, the importance of supply chain security h…lnkd.in/eSJHK9Dz

🎙️ What's changed in cloud native security over the past year? In my recent podcast conversation with Bob West, CSO of Cloud at Prisma Cloud by Palo Alto Networks, we explored the latest installment of The State of Cloud Native Security report and his fas…lnkd.in/ecwB9-Cf

The Ponemon Institute found the next #cybersecurity black swan: nonfederated applications. Correlating the research with the Verizon DBIR indicates they generate between 11 to 15 percent of breaches annually! Why such an elevated risk? Nonfederated appli…lnkd.in/euibjFzr

Props to Cybersecurity and Infrastructure Security Agency (CISA) for the friendliest booth at #rsac2023. Great place to meet up with friends and talk about #sbom and #securebydefault. What’s your favorite booth his year and why? Jen Easterly lnkd.in/eykuzxa7

How do you deal with "unknown unknowns"? This famous quote from the former US Secretary of Defense, Donald Rumsfeld, is deeply troubling. It implies that we should be worrying about things that we are currently unaware of. How do we do that? Let's start…lnkd.in/g957rPUQ

Join me at 1pm ET today to learn about the latest threats in the enterprise from our exclusive research with the Ponemon Institute! Learn 1) What organizations understand about the risks of nonfederated applications 2) Why organizations are vulnerable t…lnkd.in/e73RsVHb

How many times have you “trusted” someone to get a task done and then it doesn’t happen? When I look over many of these situations in my life, with kids and with employees, typically the failure is on my end as the leader. I haven’t trained and developed…lnkd.in/eVTXgh2A

Why is effective delegation so difficult? What is it about giving a task to another to complete that is so challenging? Two thoughts: 1) The idea that only I can do it “the right way”. Which is, of course, not exactly true. With the right mix of traini…lnkd.in/eUibys8t

Tuesday's discussion with my good friend John Kindervag will be fun! We will discuss all things #zerotrust and where nonfederated (unmanageable) applications fit into the mix. Join us Tuesday, May 16 at 11a PT / 2 PM ET! Cerby ON2IT Cybersecurity lnkd.in/e4BT3zfr

Should security be everyone's responsibility? What about secure by default? In this CISO Series newsletter, I opine why security should not be everyone's responsibility. Am I wrong? What do you think? #security #leadership lnkd.in/ebbj59Nf

Zero trust is too complicated. It’s not practical and doesn’t scale. Have you felt this way? I know I have. In a webinar I did with the creator of zero trust, John Kindervag, he explained that it’s quite the opposite in reality. I asked John if he could…lnkd.in/eekKwjm9

Every organization has risks that are just below the surface. They are lurking in the background, just waiting to be exploited. Sure, it's easy to focus on the risks that are seemingly always in the headlines, but remember what happened to software supp…lnkd.in/ee2rqiu6

And you thought your corporate apps that aren’t connected to your identity provider were safe (nonfederated due to no support for SAML/OIDC). Fat chance. PassGPT and hundreds of others soon to be like it will obliterate passwords. Is this the demise o…lnkd.in/eHy5arKN

#opensource software is a double-edged sword. Your business and/or agency needs it to run almost everything digitally. But when you look at vulnerabilities like #log4j and Apache Struts, the security of open source software can no longer be ignored. In t…lnkd.in/eGzurJiM

Last month I had an insightful podcast discussion with Varun Badhwar, one of the leading voices in software supply chain security. We delved into the heart of open source software, its potential risks, and how to navigate them effectively. Here are so…lnkd.in/ekn2tqgW