Here is a mega update on several items I’ve been working on lately.
First, I did a podcast with ThreatConnect talking about CRQ. We did a bit of a retrospective on the FAIR book as well which was nice.
Next is a piece I wrote for ISACA about how to not over-respond to current work from home trends in this article about Zero Trust
I also wrote a piece for the NACD about how to apply cyber scenario management to better your risk management practices.
Finally I wrote this article, also for ISACA, about advanced applications of the risk treatment options and how they are not all the same.