- Risk Management: The Eternal Cycle of Cybersecurity
The fight between cyber attackers and defenders resembles an ecological cycle between predator and prey—the goal is equilibrium, not victory. Being complacent is risky because maintaining balance...
- Authentication: What to Do About Password-Sharing?
Password sharing is a reality driven by convenience and social norms—Netflix even encourages it with multiple profiles per account. Rather than pretending credential sharing doesn't exist, products...
- Training: Tying Shoelaces and Information Security
Most people tie shoelaces with the weaker knot because the stronger version is harder for children to learn. Similarly, security "best practices" we've followed for years may not be optimal—tribal...
- Risk Management: Why Are Executives More Prone to Accept Risks?
Research links high status and power to greater trust in others and overconfidence in one's own knowledge. Executives may accept security risks while being overly trusting and without spending...
- Career: The Role of a Resume in an IT Job Search
A resume primarily helps get past initial HR screening to reach the hiring manager—the real engagement happens afterward. Every bullet point should answer "So What?" by stating accomplishments rather...
- Social Networking: Twitter Social Networking Among Information Security People
Twitter offers three-fold value for security professionals: discovering curated content (users act as content curators), interacting with peers (social stigmas almost non-existent), and researching...