In Threats, Part I, I talked about internal threats—such as current and former employees and subcontractors—who may have ill intent or may...
Threats, Part II: External
read more
Threats, Part I: Internal
In Asset Classification Basics, I introduced one of the most basic tenets of cybersecurity: if there’s something of value to you (an...
Asset Classification Basics
You may wonder: why am I putting myself through this misery? What’s it for? You know the answer: to protect your business. But in order to...
Mission, Culture, and Information Technology
Before you can develop an effective cybersecurity program, you need to understand where you are as a business and where you are headed in...
A (Very) Brief History of Privacy
Defining privacy is useful but insufficient. We will soon confront regulations governing privacy that directly impact the way we do...
Defining and Understanding Privacy
What, exactly, is privacy? What does it mean? What do we understand when we describe something as “private”? Do we mean secret? Do we mean...