Note to CIOs: Your organization will never be 100% secure

We’ve already established that perfect security is impossible in cyberspace, especially with the move to the cloud, the consumerization of IT, and the rise of mobile. Even with these transformations, IT can still get more secure as it evolves. Recently, HP announced an enterprise security strategy to address these new challenges, which was described […]

FusionX: Persistent Cyber Risk Management for the Enterprise

FusionX is a firm made up of long-term friends and trusted associates whom I have served with for over a decade (including close friends Matt Devost and Tom Parker). I know them well and consider them to be among the most trusted actors in cyber security. Their methods and models help enterprises discover and […]

NIST Publishes IT Supply Chain Risk Guidance, FBI Explores Wisconsin Payroll Hack and more

Here are the top cyber news and stories of the day. NIST publishes IT supply chain risk guidance – Supply chain risk management will be a growing concern as we continue to source almost all of our silicon and technology from foreign countries. The NIST document “calls for procurement organizations to establish a coordinated team approach to assess the […]

Seven Shapers Of Technology in 2013

What will our collective technological future be like in 2013? The answer, of course, depends a great deal on what actions we take to make our future. But the answer also depends on many other factors, including mega trends that are transforming entire industries. We recently reviewed and updated our assessments on all the IT […]

Ready or not, software is eating the government contracting world

As readers of CTOvision you no doubt track the trends and are as aware as any of how software transforms industries, sometimes in shockingly brutal ways. I take no pleasure in telling any of you that my focus industry, the advanced technology sector around national security missions, is about to see massive, at times very […]

An Introduction to Risk Analysis

The goal of risk management is to deliver optimal security at a reasonable cost. This article introduces quantitative risk analysis, cost/benefit analysis, risk handling, and types of countermeasures. The CIA Triad: Risk is related to vulnerabilities, which threaten the confidentiality (C), integrity (I), and availability (A) of the assets. This is described as the CIA […]