architecture

Aug 25
Overrated? On TPRM, SBOM, Solarwinds, and Supply Chain Security

We've all run to the same side of the boat on supply chain security when it comes to cyber. Rather
2 min read
Apr 27

Encryption is Overrated

Years ago I found myself in one of those awkward elevator pairings where you are unexpectedly face to face with
3 min read
Dec 07
Network Egress and Ingress Fundamentals

There is a lot of confusion about network ingress and egress. This isn't limited to junior staff; I've witnessed this
5 min read
Oct 20
Episode 07 - Bug Bounties with guest Casey Ellis

Bugcrowd founder Casey Ellis joins #lifeafterCISO to talk about bug bounty programs in the wake of the Joe Sullivan Uber
1 min read
Sep 06
Episode 06 - Retire Many Times with guest Sounil Yu

Sounil Yu joins the #lifeafterCISO podcast and shares the idea of "retiring many times". Sounil is the renowned author of
1 min read
Aug 19
How much AppSec is too much?

I've been using the term "West Coast CISO" a lot lately. While it feels like CISOs used to be either
3 min read
Jun 22
The value of the True Positive

As originally published on Vectra's Unfiltered at https://www.unfilteredcxo.com/ Cybersecurity is afflicted with the duty of “proving a
3 min read
Mar 01
Episode 01 - The Portfolio Life

In this introductory episode, host Jerry Perullo talks about the range of opportunities available to tech executives after the day
1 min read
Feb 05
IOCs aren't for blocking - they are for control validation

There is a misconception out there that security departments should be ingesting feeds of Indicators of Compromise (IOCs) and loading
3 min read
Jan 31
Patching is Overrated

Patching became a household term during the Equifax security breach and Congressional hearings. While IT maintenance and hygiene have their
4 min read