For several years I have been honored to be a guest at the annual Forum on Financial Information Systems and Cybersecurity: A Public Policy Perspective organized at the University of...
In my last article on the EO 14028 I mentioned that I thought there were several parallels between what the EO was calling out and some of the concepts and...
People make decisions every day that involve risk and uncertainty. Generally, we reconcile a variety of decision models using risk criteria often provided by organizational policies and/or guided by a...
Current Security Trends Reveal Difficulties in Assuring Authenticity Recently I was thinking about some of the major security challenges and problems of 2020 and going forward into 2021 like the...
A Plethora of Standards and Guidance for OT / IoT Security In my research into OT and IoT systems security, I have come across a plethora of guidance and standards...
Recently, I was talking with my daughter, the engineer, about testing. She is the lead engineer for payload integration and test for a large NASA space telescope. Our discussion got...
Many years ago I was hosting a series of workshops on a variety of security topics. One of those topics dealt with role-based, attribute-based, and policy-based access control approaches and...
Autonomous vehicles (AVs) have been given considerable attention lately, and for good reason, as large tech giants such as Google, Apple, Amazon and of course Tesla have invested hundreds of...
I have always had a deep appreciation for the skills of a good pentester. However, elite pentesters – those who rule their craft and make magic happen on their keyboards...
