Container Lockdown!

Reading Time: 4 minutes If you are working in the information technology sector and your organization is moving towards the Cloud and/or your application development team is using Agile development, then you will inevitably encounter application containers (or simply “containers”).  As an information security professional, I not only have to understand the technology and processes but I also have


Reading Time: 2 minutes An information technology practitioner or one aspiring to become one should seriously learn about the Public Cloud market. According to Synergy Research Group, the Cloud market is worth over $17 billion (Synergy Research Group report) and continues to grow every year. The three biggest companies in the public cloud market are Amazon (Amazon Web

Five Steps to Improving Your Patch Management Program

Reading Time: 3 minutes How many security professionals feel like no matter how many security solutions enter the market and no matter how big your security team is you never seem to get ahead of patching vulnerabilities? I know we are far beyond the idea of applying every patch released by vendors. But we didn’t get to this place


Reading Time: 3 minutes SharePoint is one of the most customizable tools available.  The highly customizable nature of the platform provides multiple areas for innovation and collaboration.  While flexibility is great, it is key for Information Technology staffs to provide a framework that business units can use to ensure tools within the enterprise architecture portfolio are used effectively and

The Start: Sharepoint Online Defense

Reading Time: 2 minutes SharePoint is one of the most prevalent tools available. It requires management, governance and oversight to ensure effective use of a well-rounded platform. The security triad (confidentiality, integrity, availability) guides us to ensure data is confidential, available when users need access and hasn’t been modified. The question is: how is your team securing the data

The Price of Entry

To Certify Or Not To Certify?

Reading Time: < 1 minute “How can I break into the information technology field?” This has to be one of the most frequently asked questions of IT professionals from college students and folks making a career change. There is no formula to solve this problem because there are so many unknown variables such as timing, chance, who you know,

Is There An Easier Way to Report to Execs?

Using the CSF Core Functions

Reading Time: 3 minutes Implementing and/or improving a cybersecurity program takes leadership, support, and funding.  I created a 3-Year Cybersecurity Roadmap to focus the efforts of the Cybersecurity team, attain C-suite executive support, allocate resources, and attain funding.  To receive continued support and funding I am required to report on the maturation and effectiveness of our strategy.  If you’ve

FREE CPE Chaser!

CPEs That Only Cost Time

Reading Time: 2 minutes The IT field is a constantly changing and challenging career field.  Being successful in this field requires professionals to continuously improve their skills and maintain adequate levels of competency on new trends, techniques, tactics, and technologies.  As a certificate holder (e.g., CISSP, CISA, PMP), it is not only expected but also required to maintain the

Seize the Opportunity

Improve your chances of getting a job in cybersecurity

Reading Time: 2 minutes Cybersecurity is a hot career field and with increasing breaches in all sectors of industry it doesn’t appear to be cooling off for some time.  Every year there are more and more graduates entering the field and the competition for jobs is growing stiffer.  While there are many qualified candidates, I often encounter recent computer