- Product Management What's It Like to Join a Startup's Executive Team?
Joining a startup's executive team involves gaining situational awareness by talking with colleagues, board members, and customers to understand the company's real state. The early period also...
- Career Reflections of a Security Professional: Podcast Interview
A career in information security involves learning from failures, being inspired by others, and developing business and communication skills alongside technical expertise. Professional certifications...
- Risk Management Information Security Measures Commensurate With Risky Behavior
Security safeguards could be applied selectively based on users' demonstrated tendency toward risky computer behavior—people whose systems were frequently infected or who clicked simulated phishing...
- Social Engineering Website Backup Company's Misleading "Invoices" Suggest a Scam
WebsiteBackup Company sent unsolicited letters resembling invoices to businesses, confusing recipients into thinking they owed payment for services they never ordered. The letters lacked the legally...
- Leadership Know Your Firm's Economic Moat to Keep Security Relevant
Effective security decisions require understanding your company's economic moat—the competitive advantages that protect it from rivals. Framing risks in terms of threats to these moats (brand equity,...
- Authentication What to Do About Password-Sharing?
Password sharing is a reality driven by convenience and social norms—Netflix even encourages it with multiple profiles per account. Rather than pretending credential sharing doesn't exist, products...