careers

Post thumbnail

I am very excited to announce that Linkedin Learning has released “Threat Modeling: Denial of Service and Elevation of Privilege.” This is the sixth course I’ve done with them, and completes a cycle which starts with “Learning Threat Modeling for Security Professionals,” and then steps through each of the STRIDE threats in depth. (We combined…

Read More Linkedin Learning

Well, Richard Smith has “resigned” from Equifax. The CEO being fired is a rare outcome of a breach, and so I want to discuss what’s going on and put it into context, which includes the failures at DHS, and Deloitte breach. Also, I aim to follow the advice to praise specifically and criticize in general,…

Read More It’s Not The Crime, It’s The Coverup or the Chaos

I’m a big fan of learning from our experiences around breaches. Claims like “your stock will fall”, or “your customers will flee” are shown to be false by statistical analysis, and I expect we’d see the same if we looked at people losing their jobs over breaches. (We could do this, for example, via LinkedIn…

Read More Your career is over after a breach? Another Myth, Busted!