Blog
So you’re looking for a cyber security board member for your public company
Good luck finding someone qualified… The SEC is apparently about to make it a requirement for public companies to report on “the board of directors’ cybersecurity expertise, if any, and its oversight of cybersecurity risk”.1 Some details: Why would it be hard to find someone like this? But here’s the
The Threat Environment
People who don’t have to do it seem to not understand the nature of the cyber threat. This very short summary is intended for everyone who is responsible for it to hand to everyone else to help start a conversation and gain mutual understanding. The 6 questions people are commonly
Experiential Learning
AI, Neural Nets, and Complexity of the Brain Quantum cryptography and its real effect on current systems Will training help to counter influence operations? Blockchain, distributed ledger, and crypto-currency Don’t trust zero trust Basics of complexity and granularity and tradeoffs of space and time Granularity of control and adding dimensions
Some results in cybersecurity and why they may be interesting
Every once in a while I come across something interesting with substantial potential impacts but that differs from the common misconceptions. Many of them I point out with a fevered disdain of foolishness, while others I view more philosophically. This article is about some recent results that I think are
Gamification and the Metaverse
People seem to me to be having problems dealing with enjoying their lives lived increasingly online. I live a life largely online, and with the pandemic pushing people increasingly away from the physical interaction world, I think we might be getting to the point where we do more and more
Keeping your cyber security program exciting!
The Capability Maturity Model notions that, starting from scratch, a program matures by goingthrough phases. Cyber Security as Sexy! Why don’t they invest the necessary resources? Getting to Managed is not that hard But I don’t want to! But that’s what computers are for! It takes time to mature Conclusions
The first steps in your cyber security program
A fair number of folks have been asking lately about what the best first steps in small company cyber security program development look like (a.k.a., We’re a small company… what should we do about it?). As I thought about it, the answer is pretty much the same as for a
Don’t trust Zero Trust – The Whole of Government Approach
It looks like there is a coordinated effort in the US government to promote so-called “zero trust architecture”. I wrote my last article on the NIST ridiculousness in this arena, and since posting it, I have found that there are several other Federal attempts to promote the so-called architecture both
eLearning and the Digital Divide
eLearning and the benefits The 20th century has seen incredible technological progress throughout society, as more and more of the world we live in is dependent on technology in order to create more powerful and efficient results. This has been increasingly true in the education sector, as electronic learning, or
Don’t trust Zero Trust or so-called Best Practices
Until recently, the concept of zero trust architecture as a cybersecurity approach was a minor thorn in the side of those of us trying to achieve effective risk management in cyber systems. Similarly, the so-called “best practices” approach to cyber security that I have heard about for years has produced
So you’re looking for a cyber security board member for your public company
Good luck finding someone qualified…The SEC is apparently about to make it a requirement for public companies to report on “the board of directors’ cybersecurity
The Threat Environment
People who don’t have to do it seem to not understand the nature of the cyber threat. This very short summary is intended for everyone
Experiential Learning
AI, Neural Nets, and Complexity of the Brain Quantum cryptography and its real effect on current systems Will training help to counter influence operations? Blockchain,
Some results in cybersecurity and why they may be interesting
Every once in a while I come across something interesting with substantial potential impacts but that differs from the common misconceptions. Many of them I
Gamification and the Metaverse
People seem to me to be having problems dealing with enjoying their lives lived increasingly online. I live a life largely online, and with the
Keeping your cyber security program exciting!
The Capability Maturity Model notions that, starting from scratch, a program matures by goingthrough phases. Cyber Security as Sexy! Why don’t they invest the necessary
The first steps in your cyber security program
A fair number of folks have been asking lately about what the best first steps in small company cyber security program development look like (a.k.a.,
Don’t trust Zero Trust – The Whole of Government Approach
It looks like there is a coordinated effort in the US government to promote so-called “zero trust architecture”. I wrote my last article on the
eLearning and the Digital Divide
eLearning and the benefits The 20th century has seen incredible technological progress throughout society, as more and more of the world we live in is
Don’t trust Zero Trust or so-called Best Practices
Until recently, the concept of zero trust architecture as a cybersecurity approach was a minor thorn in the side of those of us trying to