Posted in Application, CISSP, COBIT, Defense in Depth, ISACA, Information Security Governance, Opinion, Policies, Relation Competence, Risk on Mar 21st, 2009
I come bearing no answers, only questions. This being the SecurityMonks website, I could not allow the article, “The High Priests of IT — And the Heretics” to pass without comment. No heretics or high priests here. Only a simple security monk. The author, Cory Doctorow, makes his argument well. [...]
Read Full Post »
Revolution
On this 4th of July, I find myself wondering if a revolution is about to occur in the information security arena. Is the policy based compliance model going to be overthrown by the risk-based protection model? What are the ramifications? Are most CIOs aware or even ready for such change?
Technological Upheaval
Ground [...]
Read Full Post »
“Men of power have no time to read; yet the men who do not read are unfit for power.“ — William Godwin
I am going to be hitting the road at the end of this week. That means, catching up on podcasts while I drive, and doing some reading while in the hotel room. [...]
Read Full Post »