Blog / May 2, 2018
When it comes to tallying the total cost of a data breach, lawsuits figure prominently, alongside repair costs, loss of reputation and sales, compliance penalties, and operational downtime.
Byline / Apr 19, 2018
Fun Fact #2: the author is looking forward to being a card-carrying Singaporean crime fighter (temporarily) someday.
Blog / Dec 26, 2017 (MODIFIED: Jan 12, 2018)
In Part 5 of this blog series, we use inversion modeling techniques to develop a high-level protection strategy.
Blog / Nov 28, 2017 (MODIFIED: Jan 2, 2018)
In Part 3 of this blog series, we demonstrated modeling the threat landscape along with executive threat-modeling. In this blog, we discuss the importance of defining controls.
Blog / Oct 17, 2017 (MODIFIED: Nov 28, 2017)
Security must align to the business needs, not the other way around. Begin with investigation and understanding to be most effective.
Article / Sep 19, 2017 (MODIFIED: Nov 9, 2017)
As enterprises more closely align their security and IT operations, they still struggle to shift their security programs from reactive to proactive.
Blog / Aug 23, 2017 (MODIFIED: Oct 10, 2017)
How InfoSec leaders can build successful threat models by defining the threat landscape and its component resources, then asking simple, situational questions.
Blog / Jun 22, 2017 (MODIFIED: Aug 3, 2017)
Understanding the customer segment of your organization is critical to developing a strategy that ensures regulatory compliance.
Blog / Jun 8, 2017 (MODIFIED: Jul 20, 2017)
Facing data breach disclosure requirements across the globe, organizations need to be prepare in advance to respond well.
Blog / May 4, 2017 (MODIFIED: Jul 18, 2017)
Applied to InfoSec, information modeling is a powerful technique for designing multi-dimensional security controls that minimize risk and achieve compliance.