Calling Out The Security Community on AI

I want to call out our community for a second on AI. And this applies to me as well because I have many of the same feelings. I feel there are too many in the security community who believe that AI is a minefield, and that it’s our job to warn people not to walk into it. I…

March 20, 2023
Read More >>

New World, New Rules: Securing the Future State

I published an article today on the Oracle Cloud Security blog that takes a look at how approaches to information security must adapt to address the needs of the future state (of IT). For some organizations, it’s really the current state. But, I like t…

January 30, 2018
Read More >>

Hyperbole in Breach Reporting

While reading the news this morning about yet another successful data breach, I couldn’t help but wonder if the hyperbole used in reporting about data breaches is stifling our ability to educate key stakeholders on what they really need to know.

Today…

September 25, 2017
Read More >>

Encryption would NOT have saved Equifax

I read a few articles this week suggesting that the big question for Equifax is whether or not their data was encrypted. The State of Massachusetts, speaking about the lawsuit it filed, said that Equifax “didn’t put in safeguards like encryption that w…

September 21, 2017
Read More >>

The Evolution of Mobile Security

Today, I posted a blog entry to the Oracle Identity Management blog titled Analyzing How MDM and MAM Stack Up Against Your Mobile Security Requirements. In the post, I walk through a quick history of mobile security starting with MDM, evolving into MAM…

April 2, 2014
Read More >>

RSA Conference 2014

I’m at the RSA Conference this week. I considered the point of view that perhaps there’s something to be said for abstaining this year but ultimately my decision to maintain course was based on two premises: (1) RSA didn’t know the NSA had a backdoor w…

February 24, 2014
Read More >>