The Security Devil Is In The Master Services Agreement’s Details
An old expression, “The Devil is in the Details”, underscores that the most problematic aspect of something is in its details. Nothing is...
Stay Safe with Strong Logon Passwords
I'll come clean and let you in on a little secret: I-hate-passwords . Passwords can be quite a pain to remember, creating one takes...
When Do You Need A Security Team (or person)?
In conversations regarding Information or Cyber Security at smaller companies, a question often asked is, “When does an organization need...
Would You Rather Have a Shovel or a Treasure Map?
A shovel is great for treasure retrieval, but it will take a lot hole digging without an idea of a treasure's location. On the other...
Does a Real Incident Count as a BCP/DR Test?
During a conversation with a fellow professional, I was asked whether the operations incidents that affect business performance would...
Reducing the Risks From Employee Burnout
For company HR departments, employee burnout is not a new thing. But burnout flies under the radar of most security departments. After...
Keeping Current with Deadlines in the EU's Artificial Intelligence Act (yes, it likely applies to American Companies)
February 2, 2025. For many, this date came and went by uneventfully. For companies affected by the European Union's (EU) Artificial...
The Customer Screen That Said, "Booga! Booga!"
When software developers see security professionals come around, I almost get the sense that they start to avoid us as if we are a vacuum...
Beware of Pink Driveways
When approaching the challenge of how to leverage a small, and in some cases tiny, Information Security staff to reach all of the teams,...
Between a Rock and an Outsource Vendor
It is one thing to scrutinize 3rd party software development vendors on their security practices, selecting the best vendor. But what if...
