The USAF is a great Platform

Choose your [Information Security] Platforms Wisely

Let’s talk about platforms, shall we? It’s hard to have any discussion with any IT vendor and not have them say “platform” at least once. Many will say it so many times you have to wonder if they even know what it is they are talking about (tip: oh-so-many don’t). But these are the times[…]

Measuring success with ZenGRC and ZecurityAscent

The NIST Cybersecurity Framework and You

When you see these lyrics, what comes to mind? Five hundred twenty-five thousand Six hundred minutes How do you measure – measure a year? Hopefully you recognize it as a truly great Broadway hit musical song (from the play Rent), especially since it has been featured in so many uplifting campaigns. But if I were to[…]

Our Greatest Wealth -- Discretionary Free Time

Enhancing True Wealth – Helping InfoSec Leaders Exceed Personal and Professional Goals

At ZecurityAscent, one of the key metrics we measure with each engagement is how much wealth was created. And by wealth, we mean discretionary free time, from the executives to the individual contributors. And we do this because this metric is what makes achieving and exceeding both personal and professional goals a reality. By leveraging[…]

Security Appliance Vendor Nonsense

IF A SECURITY APPLIANCE VENDOR IMPLEMENTED THEIR “Hybrid Cloud” FOR YOU. (5 of 10)

From the “Top 10 Signs Your Network and Security Design Might Be Far Behind” Series Several years ago I had a large security appliance vendor do a big presentation for me and our larger team about their cloud offering. Apparently they were now believers in cloud security and were now hosting their appliances in their data centers.[…]

Waiting for the Internet

IF USERS INCREASINGLY GO HOME TO GET WORK DONE – AND BYPASS SECURITY (4 of 10)

From the “Top 10 Signs Your Network and Security Design Might Be Far Behind” Series I think we have all been there. We are sitting at our desk trying to get work done and the network just won’t keep up with us. Maybe it’s those recurring training videos that we have to watch or some O365[…]

Outside the Corporate Data Center Box - Proxies In The Cloud

IF YOUR INTERNET PROXIES ARE IN A NETWORK THAT USERS ARE LEAVING (2 of 10)

From the “Top 10 Signs Your Network and Security Design Might Be Far Behind” Series It’s kind of crazy when you think about it. We have continued to build the old hub-and-spoke networks for decades now. Then we started letting the users work from just about anywhere over a decade ago. And now, in the cloud age,[…]

Be The Change

A year from now, what’s different? Transformational [Yes] [No]?

One year from yesterday, can you tell a truly transformational security story? The success stories of organizations from the extremely large to the quite small who have created transformational stories are everywhere. To be clear, simply implementing a new security appliance or software tool is not even in the ballpark. Rather, these organizations have taken truly[…]

Same old Thinking Same Old Results

In Cloud Security, “80% of Success is Showing Up”

If you believe that 80% of success is showing up (says Woody Allen), then how do you solve for the remainder? Right now, with each passing microsecond, there are organizations all over the world who are failing at embarrassing levels. This is both in terms of frequency and impact, despite spending more than they really should[…]

Peanut Butter Cup

You put your security in my compliance!

You bet I did! Way, way back in the 1980s there was a brilliant commercial series by Reese’s about peanut butter mixing with chocolate. Apparently before that time no one knew that the two went together quite well. Unfortunately, many businesses today can’t quite make the connection between security and compliance, where so much is spent[…]