Tag: CISO

  • The Ian Amit Spectrum of Pentesting Efficacy

    It’s been a while since I posted (duh), but recently I’ve had something brewing in my mind that appeared to not have been clearly discussed before, so here goes. I’ve been seeing some discussions and ambiguity around pentesting, vulnerability assessment, and red teaming (again – no huge shocker for those of us in the industry). […]

  • Security and maturity – beating the averages

    So, There’s this new (for me) LinkedIn “publishing” thing, that prompted me to try it as I was posting a semi-rant there. Let’s see how well that works out: https://www.linkedin.com/today/post/article/20140531211959-1510435-security-and-maturity-beating-the-averages?trk=prof-post

  • Ambulance chasing or DNA research?

    I am fortunate enough that some of the new topics that I have discusd lately have generated interest in the community and the industry. As such, there are obviously ├é┬ávoices that do not agree with the approach (I still like to call is SexyDefense, although the more adult part of me agreed to SDES – […]

  • Security Awareness and Security Context – Aitel and Krypt3ia are both wrong?

    It was pretty obvious that after an Information Security persona such as Dave Aitel has posted his “Why you shouldn’t train employees for security awareness” article, there would be a lot of flak from the industry. A lot has been said about training employees to be somewhat more savvy users when dealing with corporate equipment […]