Security Cloud Privacy Tech

Tagged With 'Culture Change'

<< More tags

Parler Pas: Fringe Social Network Offline

Parler gets deplatformed and can’t find any organizations that want to work with it. It’s about time.

The Help Desk Is a Key to Incident Response

Outages are hard to handle. There’s pressure to get things back up and running, to avoid damage to your reputation, and to avoid getting yelled at by the boss. The Help Desk is often the best positioned team to help…and the most overlooked. Here are some tips to help handle the communications side of incidents better.

The New Office: Home?

Is working from home the new normal in tech? Is working from home as simple as ensuring a strong internet connection and access to the right tools? This is an issue with a ton of impacts outside of just the relationships on your team. This post highlights various conversations and points of view on the issue.

The Unicorn Project Through a Security Lens

The Unicorn Project is the latest book from Gene Kim, one of the leaders of the DevOps movement. The book focuses on developer enablement and culture. What does this have to do with cloud security? Everything.

The cloud is an amplifier. It lets teams do more with less. This innovative and fast-paced approach creates a mountain of security …

Business Email Compromise

Cybercriminals don’t always use complicated technical attacks to get around your cybersecurity. Sometimes—probably more often than we care to admit—it’s the really simple stuff that works and what’s simpler than an email?

AppSec Is Dead

Is application security (AppSec) dead? Did it every really work? Let’s discuss…

Cybersecurity Time Crunch

The Fortnite developer teams at Epic Games are working in a perpetual “crunch time” situation. That’s not sustainable by any measure…and from all reports, things are bad over at Epic.

But they are not alone. How does this time crunch impact the cybersecurity community?

Perfectionism In Tech

It’s tempting to search for the perfect solution to a problem. The challenge? That “perfection” rarely exists. But time after time, we seek out these perfect solutions. Nothing’s perfect. Security is far from perfect. But we keep trying for perfect sceurity…why?

Communication At Scale

When you are trying to get a message out to a lot of people, it’s not realistic to try and get them all back to you digital properties. So what do you do? How do you manage trying to hold the same conversations in multiple places? How do you monitor what’s working?

The War Room

During a large incident response, bringing everyone together to a “war room” can be the difference in a speedy recovery, but there are downsides as well. The biggest? Fatigue & burnout. How do you monitor and handle that?

Are We Setup to Fail?

Criminals are winning the battle against security practitioners. Need proof? Look no further than the new headlines in any given week.

Billions of dollars are being spent on the latest and “greatest” tools, and millions of people hours are being exhausted in the defence of our data. Yet with all this effort, it remains trivially easy for most …

Security Is A Quality Issue

Security is a quality issue. Except we don’t treat it that way and that’s costing us dearly.

Operational Security

Connecting with others is critical but it can also pose a risk. It’s important not to “leak” information needlessly. This is a practice know as operational security. It’s critically important…and often ignored.

Learning From Failure

No one wins all the time. Don’t seek out failure but we shouldn’t be afraid of sharing our failures so that others may learn.

Constant Negative Pressure

You cannot stand at “Red Alert” 24/7 but that’s exactly what we do in cybersecurity…often without realizing it. What impact does that have an our approach? Our attitude? Our mental health?

Document, Automate, Repeat

If you’re working by hand, you’re failing. In today’s world of security, rapid delivery, and new technologies, automation is critical.

Working Together To Improve Security

There’s only upside to collaborating more deeply with other teams in the org. So why doesn’t the security get out there and do it?!?

Security Thinking Is Service Design Thinking

We’ve spoken a lot of maintaining and expanding perspective when it comes to cybersecurity. In this episode, we dive in highlight a methodology called “service design thinking”.

Culture Change Is Hard

We (the IT community) don’t push for cultural change because it requires persistent and dedicated long term work. That runs counter to the usual pace of technology. We (the security community) are even worse off…

Why Can't Security Place Nice With Others?

Is it just attitude that keeps security teams from working well with the rest of the organization? And if so, can that attitude be changed? What’s keeping things so negative. Some thoughts…

OpSec, Soft Skills, And People

Most of the focus around cybersecurity education is on the technical aspects. Is that the right approach?

Listening To Customers

Listening to customers is built into the DNA of a lot of organizations…why aren’t security teams doing the same?

F**king Passwords

Passwords are the worst. Just the worst.

Password Health

Passwords are the best of a mountain of bad solutions. Picking a strong password lies at the intersection of math (yay!) and psychology…that’s a tough place to be. Here are a few tips on creating a useful, strong password.

The Security Team's Role In Your Org

Can new technology solve everything? We in the security community need to spend more time investing in people and process.

Fear Uncertainty And Doubt

Cybersecurity is often positioned from the negative. There are bad things coming to get you! What a waste of energy…

Organizational Design and OT Risk

Sometimes the digital world has an impact on the real world…and it’s not always a positive one.

Secure Systems Thinking

One of the biggest challenges in cybersecurity today is the tendency to secure components instead of the larger system. It’s understandable but also leaves a lot of gaps. How can we change this approach?

Passwords, Educatiing Users, and the Communal Good

Security awareness is next to useless. Educate users instead

Risk Assessments & The Risk Of No Data

Good data drives good decisions. This is a major problem in cybersecurity where the data simply isn’t available or accurate.