About Us | Contact Us
View Cart
Author Archive

Risk-Based Authentication Practices

By Dan Hadaway - Last updated: Monday, June 21, 2021

A follow-up on Dan’s 2008 Password Manifesto On the NIST Publication on Digital Identity Guidelines Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . In June 2017, NIST released a special publication on digital identity, NIST SP 800-63, that is starting to get the attention […]


The Risk of AI Risk

By Dan Hadaway - Last updated: Monday, May 24, 2021

Or, the risk of email hypnosis . . . And the other implications of complacency! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Now that the pandemic is coming to an end, most of us are returning to our daily commutes.  Are you finding […]


Sometimes Say Sometimes

By Dan Hadaway - Last updated: Monday, March 22, 2021

Another Manifesto A supply-chain manifesto by the author of Never Say Never: A Password Manifesto! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . [Sssshh.  Turn out the lights.  Let’s lower our inner voices, as I have something to propose that might be a bit […]


The One Test

By Dan Hadaway - Last updated: Friday, January 8, 2021

The One Test… …Is there a Test that Covers 9/11’s of the Battle? Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Twenty years ago two geek-friends and I debated the following question:  “Is there an Audit Test that covers 9/11’s of the battle?” This […]


The Magnificent Seven 2021

By Dan Hadaway - Last updated: Monday, December 21, 2020

Seven Trends . . . that small bank Information Security Officers face in 2021 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcome to the Magnificent Seven, my annual predictive article about the seven trends in technology that will impact the Information Security Officers of […]


R7-2021

By Dan Hadaway - Last updated: Monday, December 21, 2020

Top Seven Risks . . . that small bank Information Security Officers face in 2021 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Once again, I compile this list in preparation for updating our normal board of directors awareness training PowerPoints and movies and such. […]


Incident Response on Steroids!

By Dan Hadaway - Last updated: Tuesday, December 15, 2020

Turning Letters into Lemonade . . . Could Marketing Messages be Pre-Planned Into Response? Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Something I just noticed: I now know what Yandex is. And I would not have known about this interesting browser had it […]


State Law Inventory

By Dan Hadaway - Last updated: Thursday, December 3, 2020

An Assist for Your Incident Response Team . . . To be Used for Incidents! Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . I want to circle back around to an article written by Matt Jolley CISA, our resident researcher, who spent months compiling […]


Tactical Plan Alternatives

By Dan Hadaway - Last updated: Wednesday, November 18, 2020

  Alternatives From 2020 Conferences The 2020 Update Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Each year as we go to various conferences throughout the Midwest ranging in scope; from small banker conferences that Dan himself moderates, to hacker conferences like Defcon.  We […]


Notes on Disaster Recovery

By Dan Hadaway - Last updated: Thursday, November 5, 2020

An Analogy… …About Taking Better Notes Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . An interesting set of metaphors arose out of our efforts to improve our time management practices at infotex.  In the spirit of sound strategic planning, we as a team decided […]