Policy, Procedure, or Plan
Some standards like PCI and NIST require policies that cover specific topics. Sometimes you will see a requirement for a policy and...
IT Governance & IT Management
Many practitioners use these terms governance and management synonymously. While there is some overlap in practice, there are key...
Cybersecurity Policies Made Easy
People often ask for advice regarding information security or cybersecurity policies. For the remainder of this article, I will use...
Does Security Awareness Work?
According to the Verizon 2018 Data Breach Report, 93% of data breaches are linked to phishing or social engineering. With stats like...
The Visible Ops Handbook
This is a book review I wrote back in 2007 for a past version of this website. I am resurrecting it because it is still applicable today....
Cyber-security for Local Governments 2017
In this presentation, given at Maze Live 2017, I cover how the IT control environment overlaps with he financial control environment. ...
Create a modern workplace with Microsoft 365
The workplace is transforming - from changing employee expectations, to more diverse and globally distributed teams, to an increasingly...
Recent Data Breaches 4 OCT 2017
Equifax Given the nature the breach I have been tracking this is a separate blog post. So far we can determine their inventory process,...
Windows Update for Business
Learn the best practices and guidance on how to service Windows 10 leveraging Windows Update for Business platform. In this session we...
Microsoft Ignite 2017 Keynote
Satya Nadella, CEO Microsoft, oversees all aspects of Microsoft business and leadership--from cloud and mobile development to digital and...