
What is the CCPA and why should you care?
CCPA is the law and the only way for a business to opt-out of it is to go out of business. For businesses that want to stay in business, however, CCPA is just the beginning of things to come.

Where Chicken Little meets information security
Outside of a movie theater, your plane won’t be hacked out of the sky.

Information security lessons from Theranos
An explosive new book Bad Blood: Secrets and Lies in a Silicon Valley Startup wasn’t written about security awareness, but it could have been.

It was 35 days to GDPR, and a lot of sleepless nights
GDPR went live on May 25, 2018. A month before the implementation date, attendees at the RSA Conference struggled with being fully ready.

Another night at the information security museum
Firms need to put fundamental information security processes in place to ensure they don’t become ransomware victims. It’s not that difficult, people.

Making the most of your time at the RSA 2018 conference
A guide to the RSA 2018 conference. Going to RSA 2018? Failing to plan is planning to fail.

Understanding Gartner, and its limitations
Using a Gartner MQ is a great way to get an initial list of some of the products in the particular space. But it is not the definitive list by any stretch of the imagination.

The ultimate information security book for Halloween
The General Data Protection Regulation (GDPR) may sound bland, but it’s the biggest, baddest and most powerful data security regulation ever created. Be afraid...be very afraid.

The rise of the cheap information security officer
When it comes to hiring a CISO, firms get what they pay for. And they’ll have to live with the consequences when they try to be security misers.

Just say no to Facebook quizzes
Clickbait by any other name is just the same. These quizzes take your personal information, and leave with cookies and malware.

The 1 thing clickbait sites don’t want you to know will leave you breathless
German philosopher Arthur Schopenhauer said that “one can never read too little of bad or too much of good books: bad books are intellectual poison; they destroy the mind.” Take Schopenhauer’s advice – don’t click.

Night at the information security museum
Museum physical security incidents provide an excellent learning mechanism for information security teams. With that, I’d like to look at three major museum incidents and provide a lesson learned from each for information security...

Introducing the Cybersecurity Canon
Last month David Bisson wrote a blog post 10 Must-Read Books for Information Security Professionals, where he asked information security professionals their must-read book. There’s a number of books listed there that are definitely...

To pay, or not to pay, that is the ransomware question
The FBI says don’t pay. Should you heed their advice?

My obligatory 2017 predictions
’Tis the information security season to make predictions about what security year 2017 will bring.

Hillary Clinton might have been a pretty good president had she used Pretty Good Privacy
Had Presidential candidate Hillary Clinton employed basic email security techniques, she’d be President-elect.

Who is the information security preferred candidate? A look at presidential election 2016
Trump or Clinton. Which of the 2 leading candidates is best from an information security perspective? Should a CISO prefer one over the other?

Cyber self-defense for kids (and parents too)
Today is the last day of national cyber security awareness month, but not too late for Ben Rothke, CISSP, QSA, Senior Security Consultant, Herjavec Group to provide some tips for parents and children.

A tale of two PCI attestation documents
Is your PCI service provider willing to easily share their AoC? That’s a good sign.