Articles on Leadership
- Communication 10 Communication Tips for Security and IT Professionals Explaining security and IT work is often harder than the work itself. Ten habits will sharpen how you explain it to specialists, executives, and everyone in between.
- Career Depth of Technical Knowledge Is Not Enough The technical facts you once memorized are worth less now that AI recalls them on demand. Depth of knowledge becomes valuable when it's paired with the judgment and insight to make the right call...
- Cloud Cloud Risks and the Security Community Most cloud security risks apply to IT in general and either have mitigations or have been accepted. InfoSec's role should be active participation in technical innovation, balancing risk with cost—not...
- Career 10 Tips for Hiring Managers Seeking Cybersecurity Professionals Security roles stay open for 45+ days, often because the hiring manager hasn't done the preparation that separates a good hire from a fast one. Most of that work happens before the first interview.
- Cheat Sheets How to Use the Security Architecture Cheat Sheet for Internet Applications
- Risk Management Risk Management: Objectivist and Subjectivist Approaches Objectivists rely purely on historical data to predict risk; subjectivists complement data with judgment about context. A coin flipped by a magician might warrant different probability assessments...