Overrated? On TPRM, SBOM, Solarwinds, and Supply Chain Security
We've all run to the same side of the boat on supply chain security when it comes to cyber. Rather
Cyber Governance: What is Fair to Expect from Board Directors and Management? 2 of 4
Episode 2: Risks
In Episode 1 of this series I talked about oversight of cybersecurity threats and how a Board
Episode 07 - Bug Bounties with guest Casey Ellis
Bugcrowd founder Casey Ellis joins #lifeafterCISO to talk about bug bounty programs in the wake of the Joe Sullivan Uber
Cyber Governance: What is Fair to Expect from Board Directors and Management? 1 of 4
With mounting pressure around cyber literacy in the Boardroom, Directors are looking for specifics around what will be expected of
Vulnerability management is dead. But GRC is hiring...
I used to have a TVM team. Threat & Vulnerability Management. The individuals in there had the word "Vulnerability" in their
How much AppSec is too much?
I've been using the term "West Coast CISO" a lot lately. While it feels like CISOs used to be either