Category Archives: Cybersecurity

In defense of Incrementalism (in vulnerability management)

Posted on March 6, 2024 by Jeffrey

Most of the vulnerability management programs I’ve encountered suffered from analysis paralysis—the infosec team had reams of data (or multiple spreadsheets) on their vulnerabilities but couldn’t make progress because they couldn’t decide where to start. Questions I frequently hear include:… (read more)

Posted in Cybersecurity | Tagged , | Comments Off on In defense of Incrementalism (in vulnerability management)

Threats and Risks . . . and Vulnerabilities

Posted on February 13, 2024 by Jeffrey

During an interview last week I was asked to define the difference between a Threat and a Risk using language that a non-technical CEO would understand. I gave a good answer and made it to the next round. And then… (read more)

Posted in Cybersecurity | Tagged , , | Comments Off on Threats and Risks . . . and Vulnerabilities

Cybersecurity for Small Businesses, Part 1: Make it Harder

Posted on December 22, 2023 by Jeffrey

This is the first of six posts on Cybersecurity for small businesses. Click here for the Introduction and links to the others. Make it Harder Make the attacker’s job harder, starting with passwords. Strengthen your passwords The goal here is… (read more)

Posted in Cybersecurity | Tagged , , | Comments Off on Cybersecurity for Small Businesses, Part 1: Make it Harder

Cybersecurity Presentation for Small Businesses: Introduction

Posted on December 15, 2023 by Jeffrey

This series of posts started as an outline for a short presentation on Cybersecurity for small businesses that I would eventually give multiple times over a couple of years in the northeast Ohio area. At the time, I was advised… (read more)

Posted in Cybersecurity | Tagged , , | Comments Off on Cybersecurity Presentation for Small Businesses: Introduction