Parler gets deplatformed and can’t find any organizations that want to work with it. It’s about time.
Outages are hard to handle. There’s pressure to get things back up and running, to avoid damage to your reputation, and to avoid getting yelled at by the boss. The Help Desk is often the best positioned team to help…and the most overlooked. Here are some tips to help handle the communications side of incidents better.
Is working from home the new normal in tech? Is working from home as simple as ensuring a strong internet connection and access to the right tools? This is an issue with a ton of impacts outside of just the relationships on your team. This post highlights various conversations and points of view on the issue.
The Unicorn Project is the latest book from Gene Kim, one of the leaders of the DevOps movement. The book focuses on developer enablement and culture. What does this have to do with cloud security? Everything.
The cloud is an amplifier. It lets teams do more with less. This innovative and fast-paced approach creates a mountain of security …
Cybercriminals don’t always use complicated technical attacks to get around your cybersecurity. Sometimes—probably more often than we care to admit—it’s the really simple stuff that works and what’s simpler than an email?
Is application security (AppSec) dead? Did it every really work? Let’s discuss…
The Fortnite developer teams at Epic Games are working in a perpetual “crunch time” situation. That’s not sustainable by any measure…and from all reports, things are bad over at Epic.
But they are not alone. How does this time crunch impact the cybersecurity community?
It’s tempting to search for the perfect solution to a problem. The challenge? That “perfection” rarely exists. But time after time, we seek out these perfect solutions. Nothing’s perfect. Security is far from perfect. But we keep trying for perfect sceurity…why?
When you are trying to get a message out to a lot of people, it’s not realistic to try and get them all back to you digital properties. So what do you do? How do you manage trying to hold the same conversations in multiple places? How do you monitor what’s working?
During a large incident response, bringing everyone together to a “war room” can be the difference in a speedy recovery, but there are downsides as well. The biggest? Fatigue & burnout. How do you monitor and handle that?
Criminals are winning the battle against security practitioners. Need proof? Look no further than the new headlines in any given week.
Billions of dollars are being spent on the latest and “greatest” tools, and millions of people hours are being exhausted in the defence of our data. Yet with all this effort, it remains trivially easy for most …
Security is a quality issue. Except we don’t treat it that way and that’s costing us dearly.
Connecting with others is critical but it can also pose a risk. It’s important not to “leak” information needlessly. This is a practice know as operational security. It’s critically important…and often ignored.
No one wins all the time. Don’t seek out failure but we shouldn’t be afraid of sharing our failures so that others may learn.
You cannot stand at “Red Alert” 24/7 but that’s exactly what we do in cybersecurity…often without realizing it. What impact does that have an our approach? Our attitude? Our mental health?
If you’re working by hand, you’re failing. In today’s world of security, rapid delivery, and new technologies, automation is critical.
There’s only upside to collaborating more deeply with other teams in the org. So why doesn’t the security get out there and do it?!?
We’ve spoken a lot of maintaining and expanding perspective when it comes to cybersecurity. In this episode, we dive in highlight a methodology called “service design thinking”.
We (the IT community) don’t push for cultural change because it requires persistent and dedicated long term work. That runs counter to the usual pace of technology. We (the security community) are even worse off…
Is it just attitude that keeps security teams from working well with the rest of the organization? And if so, can that attitude be changed? What’s keeping things so negative. Some thoughts…
Most of the focus around cybersecurity education is on the technical aspects. Is that the right approach?
Listening to customers is built into the DNA of a lot of organizations…why aren’t security teams doing the same?
Passwords are the worst. Just the worst.
Passwords are the best of a mountain of bad solutions. Picking a strong password lies at the intersection of math (yay!) and psychology…that’s a tough place to be. Here are a few tips on creating a useful, strong password.
Can new technology solve everything? We in the security community need to spend more time investing in people and process.
Cybersecurity is often positioned from the negative. There are bad things coming to get you! What a waste of energy…
Sometimes the digital world has an impact on the real world…and it’s not always a positive one.
One of the biggest challenges in cybersecurity today is the tendency to secure components instead of the larger system. It’s understandable but also leaves a lot of gaps. How can we change this approach?
Security awareness is next to useless. Educate users instead
Good data drives good decisions. This is a major problem in cybersecurity where the data simply isn’t available or accurate.