RSA 2020, NIST CSF, and Dark Reading
First off, I’m very pleased to announce that I will be presenting again next year at the RSA Conference. My session is called “Maturing Cyber-Risk Management Practices: Framework and Next Steps” (EZCL-R01). This will be done as a Collaborative Learning Session (a new RSAC format). I’ll lead a discussion then turn it over to the …
Category Archives: Book
New Book: Fintech Growth and Deregulation
My new co-edited book on FinTech published
Interviewed for the Cyber Canon
Back in April, when Jack Jones and I were inducted into the Cyber Security Canon we had the pleasure of being interviewed by Rick Howard, CSO of Palo Alto Networks. You can view the video here or watch it below. (They published the interview video back in September and I forgot to post it here.) It was hot …
OpRisk Book Chapter on Cyber Published
I’m pleased to announce that a new book has been published that includes a chapter that I wrote on Cybersecurity and Technology Risk. I was approached by the good folks at Risk Books on contributing some original Cyber content in their new publication on Operational Risk. I chose to address the general risks in the …
RedZone Podcast about Risk Forecasting
Bill Murphy’s interview with me for his RedZone podcast was posted today. I had a great time talking with Bill about risk, FAIR, and forecasting. You can find the podcast here. It was a great discussion, and Bill was a very gracious host. His entire podcast series is worth subscribing to: he interviews some really …
Inducted into the Cybersecurity Canon
I’m very pleased to announce that the book I coauthored with Jack Jones (Measuring and Managing Information Risk: A FAIR Approach) has been inducted today into the Cybersecurity Canon at the Palo Alto Networks 2016 Ignite Conference. The Canon includes books both fiction and nonfiction that accurately depict the history, milestones, and culture of the …
Speaking at OpRisk North America 2015
It’s a busy week for me. In addition to the webinar this Friday, next Monday (23 March) I’ll be holding a workshop at 11:00 AM in the Data Quality track of the OpRisk North America conference. I’ll be talking about financial metrics, risk appetite, volatility trends, and scenario analysis. You can’t have quality data without …
SIRA Webinar on FAIR Book
Jack Jones and I are going to be tag-teaming a webinar this Friday on our book for the Society of Information Risk Analysts. More information here. Please join us if you are interested in learning more about the book.
Best Information Security Book of 2014
Recently Ben Rothke named Measuring and Managing Information Risk as the Best Book of 2014. Frankly, I’m humbled by this, as the field of competitors we are named amongst is very strong; Adam Shostack’s book was even named as best of 2014 by the venerable Bruce Schneier.
The Definitive Guide to FAIR is now for sale everywhere!
The wait is over! The definitive guide to using FAIR in your daily risk work is now for sale everywhere you care to buy books (which in today’s book business means Amazon, Google, etc.). It’s available in soft cover if you want a physical book and also on eBook. There are a few reviews out there …