Posts
Talks
2025
SLICING SECONDARY ASSETS TO BROADLY OR TO NARROW UNDERMINES RISK MANAGEMENT
May 29
IF EVERYTHING IS A (SECONDARY) ASSET, NOTHING IS MANAGEABLE
May 22
THREAT ONTOLOGIES OVER THREAT LISTS – LESS 'LISTICLE', MORE LOGIC
May 15
NOT ALL CONTROLS, FOR ALL ASSETS, ALL THE TIME: SMARTER SCOPING STARTS WITH ASSET PROPERTIES
May 9
WHY INFOSEC INVENTORIES NEED LAYERS — AND HOW TO LINK THEM
May 2
NOT EVERY INCIDENT CAUSES DAMAGE. BUT THAT DOESN’T MEAN IT’S NOT WORTH TALKING ABOUT.
Apr 24
SECURITY INCIDENT FREQUENCY STATS ARE (MOSTLY) USELESS.
Apr 17