Struggling with where to begin with your Information Security Program? Learn how taking a risk-centric approach can help accomplish your goals.
Struggling with where to begin with your Information Security Program? Learn how taking a risk-centric approach can help accomplish your goals.
Explore your options for managing personnel changes in SimpleRisk.
What is the right way to do risk management? We hear this question fairly frequently on calls with prospects and my answer is always the same. There is no "right way" or "wrong way" to do risk management. There's only your way...
Learn how to use SimpleRisk's Import-Export and Risk Assessment Extras in order to efficiently use the NIST Cybersecurity Framework's controls to assess your organization's risks and perform a control gap analysis.
At the end of June 2020, a civil rights coalition, which includes the Anti-Defamation League (ADL) and the NAACP, launched the #StopHateforProfit campaign. This campaign calls upon major corporations to put a pause on Facebook advertisements, citing the company's...
Today I had a really interesting conversation with a guy from Japan via LinkedIn. It started with him trying to sell me...
As the Information Security Program Owner at National Instruments, I spent years contemplating the answer to a ...
Back in 2013, when I first started working on SimpleRisk in my spare time on nights and weekends, I started using a ...
As the Information Security Program Owner at National Instruments, a $1.4B global enterprise, I've spent the past ...
This is just a short (1 minute) animated video explaining some of the capabilities around performing internal and ...
Unless you've been hiding under a rock for the past three weeks, you're probably familiar with CVE-2019-0708, also ...
On March 29, 2019, Alex Polimeni and I presented at the BSides Austin conference on some of the work we've ...
Recently, a friend sent me a blog post by John A. Wheeler of Gartner entitled "What Ever Happened to GRC?". In ...
While the distinctions between vulnerabilities versus risks has been widely documented in various forums, we ...
Before starting SimpleRisk, I sat in the CISO chair, on the other side of the negotiating table. I learned the tricks ...
Has the number of security issues you deal with on a routine basis ever made you feel a bit like Atlas carrying the ...
A couple of weeks ago I participated in a CISO Summit with a focus on the topics of Security Visibility and Incident ...
Any CISSP will tell you that the way to calculate risk is by taking the likelihood and multiplying it by the impact...
Every comic book superhero has a story behind them describing how they overcame some form of adversity in ...