My Writing
- Risk Management Turning Information Security Architects into Chefs Some architects rigorously follow frameworks (recipe-diehards); others improvise based on experience. Neither approach alone suffices. True architects know design patterns and control frameworks for...
- Career 6 Tips for Hiring and Working With Security Consultants Before engaging security consultants, understand your requirements to stay in control. Reach out to multiple firms for perspectives and price validation, assess who specifically will work on the...
- Malware Evolving Threats: The Long Tail of Potential Data Breach Victims The "long tail" of potential breach victims—numerous SMBs comprising 80% of the population—attracts attackers who prefer quantity over quality. These targets have weaker defenses and there are many...
- Risk Management Border Bias and Risk Perception in Information Security Research shows people irrationally believe state borders can protect against disasters, underestimating risks from across the line. In security, firewalls and other devices may create similar...
- Malware Protect Files From Malware With Windows Integrity Levels Windows integrity levels can protect sensitive files from malware. Use the Chml tool to set a file to High integrity level with "no read up" policy enabled. Since malware typically runs at Medium...
- Fun Fun Ways to Change Behavior and Improve Security Fun can act as positive reinforcement for security behavior, often more powerful than negative reinforcement. Rewarding the behaviors you want, from badging in to enabling MFA, builds secure habits...