Circle City Con 5.0 2018, Luka Trbojevic's 'Security Beyond The Security Team: Getting Everyone Involved' →

July 12, 2018 by Marc Handelman in Conferences, Education, Information Security, Risk Management, Risk, Threat Intelligence, Circle City Con

OWASP APPSEC Cali 2018 - Mike Shema's 'DevOps Is Automation, DevSecOps Is People' →

April 07, 2018 by Marc Handelman in OWASP, Application Security, Conferences, Education, Information Security, Risk Management, Risk

Business, Risk Thereof →

September 20, 2017 by Marc Handelman in Information Security, Risk

via Ben Lovejoy, writing at 9TO5mac, comes word of warnings industry and academics are flagging regarding the enormous risk Apple Inc. (NasdaqGS: AAPL) has assumed in management of user data and the secure implementation thereof. In this case - specifically - the concern exists in the so-called 'differential privacy (PDF)' realm. Also this... Todays Must Read!

PECB, Karsten Decker's 'Information Security – Risk Identification Is All' →

August 27, 2017 by Marc Handelman in Risk, Risk Management, Risk Identification, All is Information, Conferences, Education, Information Security

From Karsten Decker's 'Information Security - Risk Identification Is All' video description:

(Karsten Decker) The Owner and the CEO of Decker Consulting GmbH, talked about risk identification and information security. He elaborated these topics through three important questions. 1. What is information security risk? 2. Why is it important? , and 3. What is crucial for its success?

PECB Insights Conference - where experts meet! To see the presentation slides: https://pecb.com/conferences/previous-events/pecb-insights-conference-2017/presentations/

For more: https://pecb.com/conferences/ https://pecb.com/

SANS CTI 2017, Lincoln Kaffenberger's 'Location-Specific Cyber Risk: Where you are Affects how Badly you’ll be Hacked' →

March 31, 2017 by Marc Handelman in All is Information, Education, Conferences, Risk, Risk Management

BSides SLC - Build Infosec Risk Management Program

June 23, 2016 by Marc Handelman in All is Information, Education, Information Security, Risk, Risk Management

Risk →

August 05, 2015 by Marc Handelman in All is Information, Information Security, Risk, Risk Transfer

via Robert Graham's well-crafted Errata Security blog, comes this insightful piece on a fundamental lack of expertise in the Information Security racket.

To wit, the inability of information security professionals to quantify risk successfully, and communicate the results to the apropos stakeholders - an activity crucial to providing the fodder necessary to formulate decisions regarding risk avoidance, transfer, mitigation, or acceptance. Something insurance companies have been accomplishing regularly (with a certain level of acceptable success) for centuries....

Todays' Must Read, and a Hat Tip to PhoneBoy.