I have always been a “fan” of words. Meaning: I read a lot and I write a lot. I have this notion that “if” is the most powerful word pound for pound. For only two letters, “if” sure packs a lot of punch. “If” has fueled exploration (“if the world isn...
It is hard not to like the Marvel movies that hit the big screen every year. Being a pseudo-geek (pseudo because I have no comic book collection or replica light sabers mounted on my wall), I enjoy the world Marvel has created. Even on the little scr...
At RSA Conference APJ this year, Art Coviello's opening keynote stressed the interdependency of the digital world we have created. He articulated the challenges the security industry faces as the norms of behavior for nations, businesses and people i...
The sentry walked along the rampart peering out into the misty darkened sea. Weary from his nightly watch, his feet clumped along the stones of the high fortress wall. He paused as he noticed a distant fragment of the fog swirl and he heard a distinc...
Read an interesting article over at HBR recently (“Forget the Strategy PowerPoint” by John Kotter) that argues for better ways to articulate high level strategies.The gist is that it’s already hard to communicate a strategy anyway but even harder whe...
This week I attended the quarterly chapter meeting of the Information Security Forum. As this was a combined meeting between the North American and Canadian chapters, the meeting was an excellent cross section of industry and geographic sectors. The ...
At the RSA Archer Summit in Phoenix this year, the theme of pioneer spirit and innovation permeated the event. Art Coviello’s opening keynote outlined the technological advancements driving business and the collective challenges across the industry. ...
I am a big fan of The Big Bang Theory. For those of you familiar with Sheldon, Leonard, Raj, Howard and Penny, you will already have an idea of where I am going with Schrödinger’s Cat. Schrödinger’s cat has been referenced throughout the show as a me...
I often get asked for advice on manipulating content in and out of Archer, how to relate certain things & build reports, etc. Somebody recently asked the following and I figured hey, why not blog the answer.“I’d like to do a review of my PCI control ...
It has been over 10 years ago since California took a stand to advocate and enact privacy controls through SB 1386. When that law came into effect, companies now had mandatory reporting requirements for any compromise of personal information of a res...
A few weeks ago, the SEC issued a Risk Alert regarding their OCIE Cybersecurity Initiative to provide more information on their review and analysis of security controls across major financial institutions. One component of this campaign is the deeper...
That thought of “how did I get so old?” happens so quickly. Some reference to something from the past celebrating an anniversary will immediately trigger it. So when I saw the CNN article “Happy 30th, Dr. Jones: 10 Things a Hero Taught Us”, I immedia...
In my experience, security professionals are excellent at working problems. Give them a few suspicious alerts, a few failed logins, some sneaky looking network traffic and then get out of their way. Like bloodhounds on the trail of the fox, they aren...
Who doesn’t remember lying in the grass on a clear summer night and feeling a sense of awe looking up at the night sky blistering with sparkling points of light? It doesn’t matter if you are child, an adult or a scholarly astronomer, the sight of suc...
By now, you most likely have heard of the announcement of the Heartbleed vulnerability in versions of OpenSSL. Actually, by this time, your executives, your front line managers and your mother-in-law have probably heard of the Heartbleed vulnerabilit...
GovLoop, in partnership with RSA and Four Points, conducted a survey of 204 public sector professionals exploring how to create an effective Continuity of Operations (COOP) program. The findings from the survey are highlighted in our executive resear...
I’m pleased to announce the latest localized versions of the [DEAD LINK /docs/DOC-15636]Archer Control Standards library. The Control Standards translations have been updated for all languages currently offered on the Archer platform. Customers with ...
When I started this blog series, I referenced our latest SBIC (Security Business Innovation Council) report – Transforming Information Security: Future-Proofing Processes. One of the points covered in that report highlighted the need for evidence-bas...
I was very excited about the release of RSA Archer’s enhanced mobile capabilities last week. This is a huge step toward unlocking the potential of RSA Archer in today’s distributed, mobile workplace. Here’s a brief rundown on this latest RSA Archer P...
Over the holidays between frantic last minute shopping, eggnog and family get-togethers, I caught up on some of my NetFlix queue and watched the TV mini-series “Hatfields and McCoys”. I am not sure of its complete historical accuracy but the series w...
