CMMC 2.0 is dead. They just don’t know it yet.
I was pretty excited as I drove onto the sprawling and meticulously landscaped campus. I was heading to a meeting
Category: Security
Microsoft is about to bite the hands that feed it
I was just settling in for a busy day at the office when I saw the incoming call from the
Google makes some noise in the security market. Did they get lured into a bad deal?
Google’s announcement that it would be buying security firm Mandiant for $5.4 billion made some waves in the security world
CMMC’s worst ‘best practices’
There is a buzz around the DoD’s reported review of the Cybersecurity Maturity Model Certification (CMMC) program. It is unclear
Cybersecurity Maturity Model Certification (CMMC) creates a big barrier-to-entry for small companies
If you were in Lockheed Martin’s offices in 2009 you may remember seeing a number of unfamiliar, well-dressed people milling
The Security Screwtape Letters
The other day I got a FedEx package containing a USB drive and handwritten note. The note said: Please provide
The economics of a hospital ransomware breach
Ransomware attacks on hospitals have been in the news a lot lately. Have security professionals done a good job of
Is CrowdStrike Stock a Bubble?
I got a call from a friend the other day. We’ll call him the Undercover CISO. He is a polymath
Security Myopia
If you attended business school any time over the last 50 years you probably read the timeless Harvard Business Review
Ransomware Economics 201
In my previous post I outlined why the most cost-effective way to recover from a ransomware attack is to pay
Security Economics 