NIST CSF, Vendor Risk, and Threat Intel

ICYMI for September!

  • A large whitepaper I wrote for ISACA on vendor risk was published here
    • A piece I wrote for ISACA about this is posted here
    • The FAIR Institute blogged about it here
  • I wrote an article for the ISSA Journal about integrating threat intelligence and risk intelligence (pay-walled, but available here)
    • The FAIR Institute blogged about this article here
  • My column for the @ISACA newsletter came out and I really liked this one as it spoke about how many organiations manage risk by storytelling. You can read it here
    • FAIR Institute post on this here
  • I’m really proud of this one! I’ve been working with NIST to formally map FAIR to the NIST CSF standard. That was recently published. More on this here
  • I wrote an article on credit ratings and cyber risk here
  • I wrote a piece for ThreatPost about justify investments in TIG technology
  • Lastly, I was quoted in HealthITSecurity in an article about FAIRCon ’19

 

 

 

 

 

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s