First Federal Chief Information Security Officer (CISO) and 4-time CISO. Advisory Board member, speaker, author, thought leader, and Swiss Army Knife of Cyber.
The recent Executive Order (E.O.) on Cybersecurity following the pipeline ransomware attack is a good move in the right direction, but E.O.s only apply to the Executive Branch. The Federal Information Security Modernization Act of 2014 is out of date and in dire need of refresh.
@kpyke I was fortunate to work at CISA in the Ballston area over the years, and catching the Capitals practicing on the rink in the building next to parking lot above Ballston mall was a great way to start the day.
Watch the latest installment in our "Journey of a CISO" series, where @BrodyCyber chats with Brent Conran about his journey to the #CISO position at @intel Corporation. https://t.co/noDKO0B0Zu
Your semi-regular reminder that if the CISO reports to the CIO in your organization, your cybersecurity and risk management governance is broken. It is a conflict of interest for the CISO to attest to the security and compliance of technology that the boss is putting in place.
@kpyke It is an ongoing challenge for kinetic commanders to operate in cyberspace and for cyberspace commanders to operate in kinetic space, and that challenge continues to impede warfighting operations.
Software will *never* be “secure.” N-E-V-E-R. The best you can achieve is to instrument its environs, such that someone who cares sees evidence of suspicious or malicious activity in time to stop escalation to breach. This has been true for decades; “prevention eventually fails.”
Labor Day is about celebrating the working class men and women whose grit and resilience built our country and made our economic progress possible. They’ve raised their voices, advocated for better working conditions, and kept our country going.
CISA Director @CISAJen told the crowd at DEFCON that the biggest issue that keeps her up at night is "battling the bureaucracy" to be on par with the private sector, both in terms of being able to keep up with cyber threats and to be faster at hiring.