Category Archives: CSO/CISO Perspectives

CISA and Desist

– It’s an old joke: “Heads I win, tails you lose,” but it can also play out in reality. How often do cybersecurity professionals end up on the wrong side of that bet? CISOs (Chief Information Security Officers) don’t seem able to get a break. They invariably get blamed, and sometimes fired,…

Cybersecurity Lessons from the Pandemic: Protection

– To paraphrase an old saying: “One person’s prevention is another person’s protection.” This may well apply to the wearing of masks during the pandemic, the efficacy of which is still being hotly debated by some. Having gone through various iterations, the argument for wearing masks has…

The Massive Shift to Cyber Crime

– There is a cartoon in The New Yorker of March 30, 2020 showing four mobsters, one with a gun, sitting around a table. The caption reads: “For health and safety reasons, we’ll be transitioning to cyber crime.” You can see the cartoon at https://www.newyorker.com/cartoon/a24009. No kidding! The…

The Demise of the Internal Datacenter and Consequential Risks

– Recently, I happened upon a short article about the demise of internal data centers in favor of cloud services. The article, by John Delaney, appeared on page 28 of the May 2020 edition of the Communications of the ACM, and has the title “The Shuttering of Corporate Datacenters.” The article…

Cybersecurity Lessons from the Pandemic: Metrics and Decision-Making

– We have discussed previously, such as in my May 18, 2020 BlogInfoSec column, some of the more challenging characteristics of data, such as those relating to value and uncertainty, which are generally not given adequate consideration. This is because these types of data may be much more costly and…