Tags

SRE Metrics and Security Measurement

Why can’t IT and security get along better? Disciplined technology teams use data and metrics strategically. But security and risk teams think about metrics differently than the rest ...

In metrics, Jun 05, 2019

Five Things the Last Decade Taught Me About Security Metrics

This is the nominal text of my opening remarks for Metricon X, delivered on March 21, 2019. It has been lightly edited for clarity and a few identities have been slightly disguised. T...

In metricon, Mar 21, 2019

The Twenty-Year War on Cybercrime

This is the text of a speech I delivered at the Gartner Group Security and Risk Management Summit in June 2015. I originally wrote the speech for Sir Roger Carr, the Chairman of BAE S...

In security, risk, big data, Jun 06, 2015

Review of Stephen Few’s “Information Dashboard Design, Second Edition”

Twenty years ago, a polymath prophet named Edward Tufte self-published an incendiary book, The Visual Display of Quantitative Information. It forever changed how a certain species of ...

In visualization, Aug 13, 2013

Cybersecurity for Machine-to-Machine (M2M) Networks

This is the nominal text of panel remarks I delivered at the Telecommunications Industry Association’s M2M & Cybersecurity Workshop on June 4th, 2013. The objective of the panel w...

In security, Jun 04, 2013

“Everything was green. Mulally thought that was odd for a company losing billions.”

I have been a fan of the Ford Motor Company ever since I was a boy. There’s no rational reason for it, but then again, experts tell us that brand preferences are formed at very early ...

In strategy, leadership, Feb 21, 2013

Escaping the Hamster Wheel of Pain

Risk Management is Where the Confusion IsLately I’ve been accumulating a lot of slideware from security companies advertising their wares. In just about every deck the purveyor bandie...

In security, hamsters, books, May 04, 2005

sticky

The Twenty-Year War on Cybercrime

This is the text of a speech I delivered at the Gartner Group Security and Risk Management Summit in June 2015. I originally wrote the speech for Sir Roger Carr, the Chairman of BAE S...

In security, risk, big data, Jun 06, 2015