Posts
-
Oct 18th, 2021
FAIR and RQ: It’s time to evolve the conversation
I can’t wait until the day when cars can fully drive themselves. While I love driving, I hate wasting time in traffic. And the number of accidents caused by human error is significantly larger than a
-
Sep 23rd, 2021
CRQ Isn’t Done Well: A Review of NIST’s Report on Integrating Cybersecurity and ERM
It’s been almost a year since the National Institute of Standards and Technology (NIST) issued its internal report on “Integrating Cybersecurity and Enterprise Risk Management (ERM).” I
-
Jun 7th, 2021
Why Effective Cybersecurity Narratives Are Built Using Quantitative Metrics
As the world begins to get the global coronavirus pandemic under control, cybersecurity concerns are increasing. Attackers continue to build increasingly sophisticated capabilities, deploying them in
-
Jun 4th, 2021
How Risk Quantification Gives Your Security Team A Leg Up in Patch Management
Two of the major challenges facing most Security Operations Centers (SOCs) are patch management and alert prioritization. However, many organizations struggle with the complexity of keeping up-to-date