Cloud Security is Coming - In Waves

Cloud Security is Coming – In Waves!

Imagine a man standing in the shallows of the beach, the ocean ahead. The wind is picking up, bringing higher and higher waves, all while the tide rushes in. But he stands firm, relenting to none of it. Is he Neo? Is he living inside “The Matrix”, about to put his hand out and place everything on[…]

The USAF is a great Platform

Choose your [Information Security] Platforms Wisely

Let’s talk about platforms, shall we? It’s hard to have any discussion with any IT vendor and not have them say “platform” at least once. Many will say it so many times you have to wonder if they even know what it is they are talking about (tip: oh-so-many don’t). But these are the times[…]

CISSPs and other InfoSec Leaders are Multiplying

Great InfoSec Leaders Have Your Back

One of the more remarkable things that seems to have become trendy is bashing those with infosec certifications. With great regularity, I see Twitter and LinkedIn posts by other infosec professionals, many of whom I follow, actually poking fun at CISSPs and other security credentials. While not entirely new, the increase is most definitely there. And it’s[…]

Value versus Price

A True Partner Will Help You Get The Right Price

Ahhh…all those security “partners” and self-professed “trusted advisors” out there. Who are they, really? What are they all about these days? Is price the only thing that matters? If you are like me, you have probably associated these as the Value Added Resellers (VARs) that permeate the market. Why? Well because they told us they were[…]

Measuring Value

The Myth of the Value Added Reseller (VAR)

The legacy information security Value Added Resellers (VARs) are really struggling with showing their true value. And that’s a really good thing. Let’s explore where they are failing…and why. And, of course, why their market correction will ultimately bring about a better information security landscape for everyone. VARs are Pushing Tin The vast majority of[…]

Agility - The Speed of Change with Cloud Security

Are You Agile Enough for The Cloud?

Believe it or not, I have actually seen even large and otherwise sophisticated IT departments fail at moving security to the cloud. At first, it doesn’t even compute. The cloud is supposed to be easier. It’s supposed to be more agile. It’s supposed to be better! And it is…mostly. So why are some failing at[…]

ZecurityAscent - Making Security Better

Improving the Security Situation – That’s the Mission

There are two situations that constantly leave me a bit awestruck in the world of information security consulting. And after reading this, especially as a “customer”, I’m betting you will agree. But before I jump right into what those two are, let’s quickly define what a true IT security consultant does. So what does this[…]

Our Greatest Wealth -- Discretionary Free Time

Enhancing True Wealth – Helping InfoSec Leaders Exceed Personal and Professional Goals

At ZecurityAscent, one of the key metrics we measure with each engagement is how much wealth was created. And by wealth, we mean discretionary free time, from the executives to the individual contributors. And we do this because this metric is what makes achieving and exceeding both personal and professional goals a reality. By leveraging[…]

Security Appliances


From the “Top 10 Signs Your Network and Security Design Might Be Far Behind” Series Half pregnant. Half secure. Just about anything that is “half” is probably not a good thing. And that certainly holds true with cloud security. But I get it. Cloud security it far newer to some than others and people generally see[…]

CapEx Depreciation of Security Appliances - Not Good for the CFO


From the “Top 10 Signs Your Network and Security Design Might Be Far Behind” Series It’s time for an insider tip for all those out there who haven’t spent tons of time working sales as a security appliance vendor. When a prospect says to the sales person “We would love to talk, but we just renewed your[…]



From the “Top 10 Signs Your Network and Security Design Might Be Far Behind” Series I believe most out there would consider me to be an expert on remote access. After all, way back in 2003, Nortel, having found a paper I had written that was published by the SANS Institute on the topic of building[…]