Tag Archives: security

Back to Normal

Posted on March 24, 2021 by Eric

Yesterday I was thinking about this whole “back to normal” thing that we are now experiencing. You know, COVID-19 vaccinations, and herd immunity, re-opening the economy and institutions, all of the things that are happening around us right now after … Continue reading

0Shares
Posted in Career, Pandemic, Security | Tagged , , | 1 Comment

The Threat & Vulnerability Management Maturity Model Arrives

Posted on October 23, 2014 by Eric

If you follow my blog, you know the Threat & Vulnerability Management Maturity Model has been in the works for a while now. I’m happy to report the full model has finally been published in Core Security’s latest white paper. What’s … Continue reading

0Shares
Posted in InfoSec, Security, Vulnerability Management | Tagged , , , , , , | Comments Off on The Threat & Vulnerability Management Maturity Model Arrives

A Week in Vegas

Posted on August 4, 2014 by Eric

Yep, here I am in Las Vegas. Sitting in my hotel room knocking out a quick post on the blog before heading down to check in for BlackHat and find people and dinner. I plan to write something every day, … Continue reading

0Shares
Posted in Cigars, Conferences, General, InfoSec, Security, Vulnerability Management | Tagged , , , , | Comments Off on A Week in Vegas

What Is A Good Security Program?

Posted on July 9, 2014 by Eric

What distinguishes a good security program? One of the hardest questions to answer in the Information Security field is whether our security program is good, or not. It’s a question we want to answer for many reasons, not least of … Continue reading

0Shares
Posted in InfoSec, Penetration Testing, Risk Management, Security, Vulnerability Management | Tagged , , , , , | Comments Off on What Is A Good Security Program?

Blaming the Victim for the Crime

Posted on May 22, 2014 by Eric

Putting the victim on trial. Decades ago we learned to stop putting victims of sexual abuse, domestic violence and rape “on trial”. Well, mostly anyhow. But we, mostly, stopped blaming the girl because she wore a short skirt or went … Continue reading

0Shares
Posted in General | Tagged , , , , , , , | Comments Off on Blaming the Victim for the Crime

You Can’t Defend Without Intelligence

Posted on May 20, 2014 by Eric

Imagine you are an Army General. And you have been given responsibility to defend a town that is the key to the local road network. You have a specific set of units under your command and several days to prepare … Continue reading

0Shares
Posted in InfoSec, Security | Tagged , , , , , | 3 Comments

2013: A Roller Coaster

Posted on December 21, 2013 by Eric

Or, as my wife put it, Random Ramblings of a Security Executive. Yes, it’s that time. Writing a blog post to wrap up the year, just all the rest of you do. I decided I’d cover my personal and professional … Continue reading

0Shares
Posted in Career, Government, InfoSec, Life and Times, Security | Tagged , , , , , , , , , | 2 Comments

Day 3 at CORE

Posted on October 2, 2013 by Eric

Yet another day of fun at CORE today. Spent the day getting to know the people, figuring out critical strategies, and places where I can start inserting myself to have some immediate impact. Started working on goals for the next … Continue reading

0Shares
Posted in CyberWar, FUD, General, InfoSec, Life and Times | Tagged , , , , , , , | Comments Off on Day 3 at CORE

Gartner Security Summit Keynote

Posted on June 10, 2013 by Eric

Paul Proctor got on stage and captured the attention of 2400 security professionals. He lampooned the NSA, brought the ghosts of security on stage and even highlighted my organization for the changes we’ve been able to accomplish. Key themes: BYOD, … Continue reading

0Shares
Posted in BYOD, FUD, InfoSec, Security | Tagged , , , , , | Comments Off on Gartner Security Summit Keynote

CITE 2013 Presentation on Mobility, BYOD, etc.

Posted on June 3, 2013 by Eric

My presentation at the 2013 CITE Conference & Expo. If you didn’t know before this, now you do. I am a heretic when it comes to cloud, consumer devices, BYOD and …. well many things. I am reasonably sure on … Continue reading

0Shares
Posted in BYOD, Cloud, Consumer Devices, Mobility, Security, Technology | Tagged , , , , , , , , | Comments Off on CITE 2013 Presentation on Mobility, BYOD, etc.