Category: CSO

For a third party, knowing what people from company X are asking of ChatGPT (or any other generative AI) could be quite interesting and profitable…

I wonder how many security teams have reached out to their colleagues about the use of ChatGPT and other hot new generative AI tools. Here’s…

Security professionals (and the people who measure our performance like auditors and regulators) have traditionally taken a stance that “all serious vulnerabilities should be patched”…

I came across an interesting blog post over at Finextra which got me thinking about a topic that has been in the back of my…

We need to work with system designers and developers to make them understand that using a secure credential vault with programmatic access is not an optional luxury – it is a basic security requirement. Credentials do not belong in code, even if that code is stored in a safe inside a vault inside a volcano.

An interesting piece in the Harvard Business Review highlights the one of the challenges information security professionals face when dealing with security awareness; we actively…

I was thinking about the way that the concept of a “perimeter” has changed in the time I have been in information security. (Obviously, I…

Something for those of us who have to continue to remind our executives how important it is to continually increase our cybersecurity budgets… Global insurer…

We security management types would like to think that every task we give our minions is exciting and engaging. However, there are lots of security…

Some interesting insight from the Harvard Business Review’s January 2020 IdeaWatch section: A study looked at how people react to information which indicates that a…