“I am coaching and helping organizations to improve their security posture and cyber resilience.”
About 40 million lightning strikes hit the ground in the United States each year. But the odds of being struck by lightning in a given year are less than one in a million, and almost 90% of all lightning strike victims survive. The odds of being struck multiple times is even less, with the record […]
Read More WHAT IS RISK? MODELED & EXPLAINEDWhen you are leasing a car does not mean that you can drive around totally wreckless on the streets and skip all the rules that apply. You still need to drive the car according to certain terms, conditions, and rules. You are not allowed to be lawless and go cowboy-style. This behavior is not-so-good driver […]
Read More CLOUD SECURITY GOVERNANCE – CONTRACTS & AGREEMENTSIn this article, the focus will be on the Risk Analysis phase in the Risk Assessment process. I will go through the phase, Analysis, and the elements within it. Risk Analysis is the second phase of the Risk Assessment process. If you want to read about the Risk Identification phase (which is the first phase), […]
Read More THE RISK ANALYSIS PHASE EXPLAINEDWHAT IS THE CIA TRIAD? History first. And this is what I have come around regarding historical smaller findings around the topic of how the CIA triad became a thing. The acronym, CIA within Information Security, stands for Confidentiality, Integrity, and Availability which are three common perspectives of security. The CIA triad is a well-known […]
Read More THE CIA TRIAD MADE PRACTICALToday’s subject is about security in the Cloud-city, Cloud security governance. Before we jump into today’s subject let’s clarify some acronyms and terms that will be used several times in this, and future, article(s) about the cloud. I have used the descriptions for SaaS, PaaS, and IaaS from Wikipedia, which are the most common forms […]
Read More CLOUD SECURITY GOVERNANCE – THE PROCESSThe focus in this article will mainly be on the Risk Assessment Process and the Identification phase. I will go through what they contain and the elements within them. If you are new to Risk Management, I recommend you to read this article What is Risk Management. This illustration is a summarized view of Risk […]
Read More THE RISK ASSESSMENT PROCESS & IDENTIFICATION PHASE EXPLAINED“According to National Geographic the risk for a human of getting attacked by a shark is 1 in 3.7 million. You’re also more likely to be injured by home improvement tools than by a shark, according to the Florida Museum of Natural History.” The impact of being attacked by a shark can have lethal consequences. […]
Read More WHAT IS RISK MANAGEMENT?“The best way to explain it is to do it.” Chapter III. A Caucus-Race and a Long Tale, Alice’s Adventures in Wonderland (1865)” This quote says a lot. In many cases leadership, as a CISO or similar roles within cyber and information security or in business management, the best way to lead is to explain. […]
Read More A DAY AT WORK AS A CISO – PART #3 [EXTENDED]Cat: Oh by the way, if you really like to know, he went that way. Alice: Who did? Cat: The white rabbit. Alice: He went that way? Cat: Who did? Alice: The white rabbit! Cat: What rabbit? Alice: Didn’t you just say? Cat: Can you stand on your head? Alice: ???<gets mad>??? What if Alice […]
Read More A DAY AT WORK AS A CISO – PART #2 [EXTENDED]Cat: Where are you going? Alice: Which way should I go? Cat: That depends on where you are going. Alice: I don’t know. Cat: Then it doesn’t matter which way you go. The quote is from Alice in Wonderland. And the role as a CISO, Chief Information Security Officer, is in many ways starting out […]
Read More A DAY AT WORK AS A CISO – PART #1 [EXTENDED]
Henrik Parkkinen 