Articles on Leadership
- Assessments 3 Reasons Why People Choose to Ignore Security Recommendations People avoid information that challenges beliefs, demands undesired action, or causes unpleasant emotions—all common with security assessments. Recipients may resist findings that contradict "my...
- Assessments Why Your Security Assessment Recommendations Get Ignored Security assessment recommendations get ignored for several reasons: reports go unread due to poor writing or checkbox compliance, readers disbelieve findings that contradict their views, IT staff...
- Risk Management Cyber Warfare Encompasses Only Some Security Concerns Cyberwar discussions focus on mega breaches, but thousands of small breaches occur hourly and may exceed economic losses of high-profile incidents. Military cyber capabilities don't help civilian...
- Risk Management Herd Behavior in Cybersecurity: The Good and The Bad The security industry exhibits herd-like behavior with both benefits and drawbacks. Higher vigilance by some allows others to focus elsewhere—good for collective defense. But anxiety is contagious...
- Leadership 4 Reasons Why Computer Users Dread Installing Security Updates Users avoid updates because they require too many clicks, downloads are heavy, finalizing requires reboots, and mechanisms fail for non-privileged users. Google Chrome and Windows Update show better...
- Leadership Limitations of Frameworks in Information Security Security frameworks like ISO 27002 and PCI DSS provide structure, but organizations often adopt them blindly without considering applicability. Companies misinterpret prescriptive standards to suit...