weighing in on a debate with no one right answer A few thoughts on “the debate” that is still going on. And has been for decades. Should the Security function report in to IT. I’ve been a firm “no” for as long as I’ve been a practitioner. I started reporting into a profit center/revenue unit … Continue reading
Tag Archives: technology
Saying the quiet part out loud
The CISO has always been one of the organization’s debunker of myths- often those that IT tells. Here’s a classic most if not all CISO’s have heard: “Sure it hasn’t been patched in 2 years but it’s behind the firewall so there’s no risk.” The role is increasingly called on to add some reality to … Continue reading
{Cyber Security} 