This is GRC (Page 7)

20 Sep 2023 GRC in Practice

Centralized vs. Decentralized Security: My Professional Take

Looking at pros and cons of a centralized vs decentralized approach to cybersecurity teams, and how in the end there is no right answer. This is a cycle and we should focus on relationships rather than hierarchies.

13 Sep 2023 Break In GRC

Neurodiversity in Cybersecurity: How People with ADHD and Asperger's Find a Home

Examining how people with Aspergers and attention deficit hyperactivity disorder (ADHD) can be successful cybersecurity professionals.

08 Sep 2023 Security

The Cyber Threats in Universities Nobody's Talking About

Universities host valuable data about vulnerable individuals. They are faced with a barrage of cyber attacks. Cyber espionage is a growing concern. Underfunding of IT is a major obstacle.

30 Aug 2023 GRC in Practice

10 Harsh Truths About Cloud Security

As a specialist in cloud security due diligence and third-party security risk management, I present the hardest aspects of the discipline. Questionnaires and scanners have created a culture of "checkmarkism" that lead to fast results but low value advice.

23 Aug 2023 Security

Why is security so expensive?

IT managers sometimes call InfoSec the "security tax". Yes, security is expensive due to skilled experts, evolving tech, and attack surfaces. Security paywalls and compliance checkmarks give it a bad rep. In the end, it's a question of showing the value of security.