Tags

featured

SRE Metrics and Security Measurement

Why can’t IT and security get along better? Disciplined technology teams use data and metrics strategically. But security and risk teams think about metrics differently than the rest ...

In metrics, Jun 05, 2019
SRE Metrics and Security Measurement

Five Things the Last Decade Taught Me About Security Metrics

This is the nominal text of my opening remarks for Metricon X, delivered on March 21, 2019. It has been lightly edited for clarity and a few identities have been slightly disguised. T...

In metricon, Mar 21, 2019
Five Things the Last Decade Taught Me About Security Metrics

The Twenty-Year War on Cybercrime

This is the text of a speech I delivered at the Gartner Group Security and Risk Management Summit in June 2015. I originally wrote the speech for Sir Roger Carr, the Chairman of BAE S...

In security, risk, big data, Jun 06, 2015
The Twenty-Year War on Cybercrime

Review of Stephen Few’s “Information Dashboard Design, Second Edition”

Twenty years ago, a polymath prophet named Edward Tufte self-published an incendiary book, The Visual Display of Quantitative Information. It forever changed how a certain species of ...

In visualization, Aug 13, 2013
Review of Stephen Few’s “Information Dashboard Design, Second Edition”

Cybersecurity for Machine-to-Machine (M2M) Networks

This is the nominal text of panel remarks I delivered at the Telecommunications Industry Association’s M2M & Cybersecurity Workshop on June 4th, 2013. The objective of the panel w...

In security, Jun 04, 2013

“Everything was green. Mulally thought that was odd for a company losing billions.”

I have been a fan of the Ford Motor Company ever since I was a boy. There’s no rational reason for it, but then again, experts tell us that brand preferences are formed at very early ...

In strategy, leadership, Feb 21, 2013
“Everything was green. Mulally thought that was odd for a company losing billions.”

Escaping the Hamster Wheel of Pain

Risk Management is Where the Confusion IsLately I’ve been accumulating a lot of slideware from security companies advertising their wares. In just about every deck the purveyor bandie...

In security, hamsters, books, May 04, 2005
Escaping the Hamster Wheel of Pain

sticky

The Twenty-Year War on Cybercrime

This is the text of a speech I delivered at the Gartner Group Security and Risk Management Summit in June 2015. I originally wrote the speech for Sir Roger Carr, the Chairman of BAE S...

In security, risk, big data, Jun 06, 2015
The Twenty-Year War on Cybercrime

Featured

  1. SRE Metrics and Security Measurement
    In metrics,
  2. Five Things the Last Decade Taught Me About Security Metrics
    In metricon,
  3. The Twenty-Year War on Cybercrime
    In security, risk, big data,
  4. Review of Stephen Few’s “Information Dashboard Design, Second Edition”
    In visualization,
  5. Cybersecurity for Machine-to-Machine (M2M) Networks
    In security,
  6. “Everything was green. Mulally thought that was odd for a company losing billions.”
    In strategy, leadership,
  7. Escaping the Hamster Wheel of Pain
    In security, hamsters, books,