Overrated? On TPRM, SBOM, SolarWinds, and Supply Chain Security
We've all run to the same side of the boat on supply chain security when it comes to cyber. Rather
Encryption is Overrated
Years ago I found myself in one of those awkward elevator pairings where you are unexpectedly face to face with
Network Egress and Ingress Fundamentals
There is a lot of confusion about network ingress and egress. This isn't limited to junior staff; I've witnessed this
Episode 07 - Bug Bounties with guest Casey Ellis
Bugcrowd founder Casey Ellis joins #lifeafterCISO to talk about bug bounty programs in the wake of the Joe Sullivan Uber
Episode 06 - Retire Many Times with guest Sounil Yu
Sounil Yu joins the #lifeafterCISO podcast and shares the idea of "retiring many times". Sounil is the renowned author of
How much AppSec is too much?
I've been using the term "West Coast CISO" a lot lately. While it feels like CISOs used to be either
The value of the True Positive
As originally published on Vectra's Unfiltered at https://www.unfilteredcxo.com/
Cybersecurity is afflicted with the duty of “proving a
Episode 01 - The Portfolio Life
In this introductory episode, host Jerry Perullo talks about the range of opportunities available to tech executives after the day
IOCs aren't for blocking - they are for control validation
There is a misconception out there that security departments should be ingesting feeds of Indicators of Compromise (IOCs) and loading
Patching is Overrated
Patching became a household term during the Equifax security breach and Congressional hearings. While IT maintenance and hygiene have their