Summary: Much of the current discourse about artificial intelligence hinges on whether it qualifies as a “disruptive innovation,” a term coined by Clay Christensen in the 1990s to explain why large firms lose their edge to unexpected competitors. But for IT and...
Cybersecurity, Data, and Design
Heath Nieddu Phd(c), CISSP, MBA, GCIH
A Cyber Insurance Discussion
This post serves to gather some of the discussion points, questions, and further resources regarding the topic of cyber insurance discussed at the 2023 Planet Cyber Security Conference in San Diego 12/06/2023. Bottom Line Up Front: The majority of the group felt that...
Why Manual Security Questionnaires in 2023?
Vendor security questionnaires were always discussed with an eye roll when I started in this field in 2008. We assigned an analyst to address the concerns of our partners. We also assigned a security architect to send our security questionnaires to our growing list of...
Scenario Planning with both Realism and Novelty
Scenario Planning (SP) exercises can differ depending on the industry and managerial level. Strategic leadership, information system leadership, and academia all view SP differently. Before understanding SP, we need to wade through the sometimes-confusing terms of...
Information Security is Practiced Like Early Medicine
As an industry, security teams often operate in isolation, not receiving transparent, reliable data about the experiences of others. Throughout the profession, pockets of innovation exist, but these innovations are not uniformly deployed to the field. The evolution of...
Ensuring M&A Success with IAM
M&A activity is on the rise, presenting challenges to identity and access management (IAM) programs, but also providing opportunities to aid deal integration. The increase in global activity will challenge security teams, demand the utmost of current IAM programs,...
Just Enough Insider Threat Defense
Mitigating insider threats presents a unique problem for information security leaders. Authorized users carry out harmful actions by performing tasks that may appear part of their day-to-day work. This salient detail keeps insider threat activity under the radar of so...