Cybersecurity Maturity Model Certification (CMMC) creates a big barrier-to-entry for small companies
If you were in Lockheed Martin’s offices in 2009 you may remember seeing a number of unfamiliar, well-dressed people milling
Category: Security
The Security Screwtape Letters
The other day I got a FedEx package containing a USB drive and handwritten note. The note said: Please provide
The economics of a hospital ransomware breach
Ransomware attacks on hospitals have been in the news a lot lately. Have security professionals done a good job of
Is CrowdStrike Stock a Bubble?
I got a call from a friend the other day. We’ll call him the Undercover CISO. He is a polymath
Security Myopia
If you attended business school any time over the last 50 years you probably read the timeless Harvard Business Review
Ransomware Economics 201
In my previous post I outlined why the most cost-effective way to recover from a ransomware attack is to pay
Ransomware Economics 101
Recently, travel management company CWT became yet another victim of a ransomware attack. The company paid the attackers over 400
Unknown unknowns
In 2002, Donald Rumsfeld, who was the US Secretary of Defense at the time, was asked a question about the
You don’t know @Jack
It hit me as I stepped outside the Reagan National Airport terminal. Just five hours earlier I’d been in the
The great security worker shortage myth
In the year 1900 Americans spent 43% of their income on food. Almost half of all Americans worked on farms.
