Consulting Research
Agreeing on the scope of a security assessment, such as a penetration test, is easier said than done. Define the scope too...Read more
There are several reasons why information security recommendations are ignored. When I outlined the rationale for this...Read more
If you've ever performed a security assessment, you probably know the frustration of seeing your earnest recommendations get...Read more
Most of the people whom you envision as the audience for your security assessment report won't read the whole document. But...Read more
Not all information security assessment reports equal. Many present irrelevant details and are tedious to read. They...Read more
The key to a successful cybersecurity assessment report is to write it as a critique, not criticism. This isn't easy,...Read more
Sometimes organizations need outside help for getting their arms around information security challenges. That’s where...Read more
For consultants, it’s not enough to do great work for their clients. The clients also need to understand the value...Read more
For consultants, it’s not enough to do great work for their clients. The clients also need to understand the value...Read more