How to Balance Security and Privacy?
Considering the balance between security and privacy, my experience as a security specialist has taught me that privacy is now integral to building effective security tools
GRC in Practice
Learn how to get engineering teams to listen, make executives care about your recommendations, and build influence that goes beyond compliance theater. For pros who want to drive decisions.
Why security must not report to IT
Industry stories and personal anecdotes prove that independent security and tech leadership breed superior security results
5 Horror stories about cybersecurity consultants (and how to avoid them)
Anecdotes about consulting services gone wrong in the context of enterprise information security. The core issue? A misunderstanding of how to use consulting by companies that hire them.
How to convince developers to fix their security vulnerabilities?
Presenting developers with vulnerabilities is one of the most common -and frustrating- tasks of any security analyst. Here's a list of the most common excuses developers come up with to avoid fixing vulnerabilities and how I react to them.
How to incorporate security into your branding strategy?
Everybody claims their product is secure. Then why are there so many data breaches? Instead of promising the impossible -zero incidents!- companies should showcase their expertise and commitment to integrity.