Bahrain eGov Conference “Risk Reality” Slides

For those finding this post from the Bahrain eGov conference, I’d like to re-extend a hearty “Thank you!” for being one of most engaging, interactive and intelligent audiences I’ve ever experienced. I truly enjoyed talking with all of you. You can find the slides on my Dropbox [PDF] and please do not hesitate to bounce… Continue reading

[REDUX] Reassessing Cyber Risks as a Security Strategy

I happened across [Between Hype and Understatement: Reassessing Cyber Risks as a Security Strategy]( [PDF] when looking for something else at the [Journal of Strategic Security]( site and thought it was a good enough primer to annoy everyone with a tweet about it. The paper is—well—_kinda_ wordy and has a Flesch-Kincaid grade reading level of… Continue reading

Off By One : The Importance Of Fact Checking Breach Reports

I didn’t read through the Massachusetts 2011 Report on Data Breach Notifications [PDF] until recently, but once I went through the report my brain kept telling me “something is wrong”. Not something earth shattering, but more of a “something is off” signal. This happens more than I’d like as I tend to constantly background process what… Continue reading

Is Your Organization Ready For a Risk Management Program?

While the slides will be officially available from SIRA web site in the not-too-distant future—complete with video (for all the talks)—I figured it wouldn’t hurt to put them up here as well. Keynote version PDF version My sincere thanks, again, to @jayjacobs and the SIRA board for allowing me to have the privilege of being… Continue reading