- Risk Management The Reason For All Information Security Woes... Sleep Deprivation
Sleep deprivation fundamentally shifts a decision-maker's risk preference from minimizing losses to aggressively pursuing the best potential gains. Therefore, information security initiatives must be...
- Leadership 7 Inconvenient Truths for Information Security
Employees use personal devices for work, reuse passwords, write credentials down, click on links, and disable security software. Acknowledging these common behaviors as reality rather than pretending...
- Risk Management Turning Information Security Architects into Chefs
Some architects rigorously follow frameworks (recipe-diehards); others improvise based on experience. Neither approach alone suffices. True architects know design patterns and control frameworks for...
- Product Management Security Products and Services: The Long Tail of SMB Customers
SMBs comprise roughly 80% of the potential security market—the long tail—but require different product, pricing, and marketing models than enterprises. Cloud services make security more affordable,...
- Risk Management Border Bias and Risk Perception in Information Security
Research shows people irrationally believe state borders can protect against disasters, underestimating risks from across the line. In security, firewalls and other devices may create similar...
- Incident Response Insider Threat - A Touchy Security Topic
The insider vs. outsider threat debate may be less relevant as external attackers increasingly compromise employee workstations via social engineering and exploit kits—outsiders become insiders....