freshmanGovernment Shutdowns Create Insider ThreatsWe are on the precipice of another government shutdown if the United States Congress fails to act by September 30. This would be the 22nd…Sep 23, 2023Sep 23, 2023
freshmanReflections on Digital Security Awareness: Why Availability is Not the Same Thing as AccessibilityFor me, October was the acknowledgment of digital security and awareness, but honestly, it was more than that.Nov 15, 2022Nov 15, 2022
freshmanStop the Insan-ITShadow-IT — Deployed information technology systems or services by employees or non-IT departments, to work around the shortcomings of the…Feb 10, 2022Feb 10, 2022
freshmanNational Cyber Security Month is a Shared ResponsibilityLooking back 5 years, the FDA marked National Cyber Security Awareness Month with a statement [1] (available on third party site) I feel is…Oct 4, 2021Oct 4, 2021
freshmanTriple-A Security Ratings — Another Crisis Report in the MakingThere was much fanfare that Moody’s put another “triple-A stamp of approval” on Security Ratings firm BitSight to the tune of $250 million…Sep 17, 2021Sep 17, 2021
freshmanThe Target: Healthcare, The Tool: Ransomware, The Impact: Your Lives. The Unsecured Truth“Dozens of hospitals and clinics in West Virginia and Ohio are canceling surgeries and diverting ambulances following a ransomware attack…Aug 24, 20211Aug 24, 20211
freshmanResponse — Security Ratings: Love, Loathe or Live With ThemPrologueJan 27, 20211Jan 27, 20211
freshmanThe [Lacking] Contextual Evidence in Security Ratings ReportingLet’s talk about contextual evidence, or rather the lack thereof, in the Security Ratings industry:Jul 10, 2019Jul 10, 2019
freshmanReading is Fundamental [for Security Ratings]Dear RiskRecon (++ other Security Ratings vendors passively assessing organization’s patching posture),May 15, 2019May 15, 2019
freshmanFair and Accurate Security Ratings: The Peculiar Case of Passive Patch PronouncementsIn a previous article, I spoke about receiving Security Rating reports with hundreds of pages findings. Many, if not all, Security Ratings…Apr 23, 2019Apr 23, 2019