Articles on Assessments

• Assessments Experts Cannot Help Overstating Their Expertise
  Self-proclaimed experts are more likely to claim knowledge of things they don't know, including nonexistent terms in their fields of expertise. This overclaiming tendency means security professionals...
• Assessments Technical and Political Boundaries of Security Assessments
  Security assessment scoping involves both technical and political boundaries, since testing efforts are often artificially constrained by which teams control which systems. Defining rules of...
• Cheat Sheets IT and Information Security Cheat Sheets
• Assessments Information Security Assessment RFP Cheat Sheet
  Effective security assessment RFPs require understanding what's driving the need, ensuring staff availability, and defining realistic timelines and budgets. Key elements include specifying assessment...
• Assessments Tips for Creating a Strong Cybersecurity Assessment Report
  Creating a strong security assessment report requires analyzing data beyond tool output, prioritizing findings by risk, documenting methodology and scope, and providing practical remediation...
• Communication Balancing Brevity and Verbosity in Business Communications
  Brevity is valuable when audiences lack time or inclination—use elevator pitches for executives, SWOT matrices for pros and cons, and keep emails short. Verbosity is appropriate when responding to...